Skip to main content

Security Policy

Montana Higher Education Student Assistance Corporation (MHESAC) has a responsibility to protect any personally identifiable information (PII) such as name, address, date of birth, social security number, etc. that is collected from its website users. To this end, MHESAC has adopted and implemented a website security policy to protect any stored PII from disclosure to any unauthorized parties.

Notice and Disclosures

MHESAC will not sell, trade, nor disclose the PII of its website users to any unauthorized third parties.

Data Quality and Access

MHESAC takes all possible steps to ensure that the data on the website is accurate. If information is found to be inaccurate, MHESAC will make every effort to correct the information as quickly as possible. The information contained on the MHESAC website is subject to change without advance notice.

MHESAC uses cookies, third-party web analytic tools, and other programmatic means to enhance the website experience for its registered users. A cookie is a small file that is stored on the user’s hard drive. MHESAC and its partners use this file to maintain certain information about the user as they access our website. Most browsers default to accept cookies, but this functionality can be turned off by the user. Note; many of the services offered on the website may not run optimally or at all without cookies enabled.

While using the MHESAC website certain information such as your IP Address and time spent on pages, referring and redirected sites may be collected. This non-personal information is collected in order to maintain the security of the MHESAC site. Anyone caught attempting to harm, steal information from, or otherwise misuse the MHESAC website will be prosecuted to the full extent of the law.

Data Security

MHESAC takes security very seriously and has therefore taken every precaution to secure information. In order to secure the information, MHESAC has implemented several security measures to prevent loss, theft, or misuse of data.

Whenever personally identifiable information (PII) is collected, MHESAC requires that a secure connection be established using Secure Socket Layer (SSL) technology. During an SSL session, data passed back and forth between the user’s computer and MHESAC’s servers is secured with public key cryptography. The user’s browser exchanges certificates with MHESAC’s servers to create a private conversation that only the user’s computer and MHESAC’s systems may understand. To benefit from this security and to use many of the features on the MHESAC site you will need to use an SSL enabled web browser.

If a user sends email correspondence to MHESAC, the return address may be used to respond to the inquiry. Depending on the nature of the correspondence, the address and content contained in the messages may be permanently recorded so that it can be referenced in the future. Email is not a secure means of transmitting PII.

Contact Us

If you have any questions regarding this policy please contact our business manager, Student Assistance Foundation:

        Student Assistance Foundation
        P.O. Box 5209
        Helena, MT 59604-5209
        (406) 495-7800