The Gramm-Leach-Billey Act (GLBA) "governs the treatment of nonpublic personal information about consumers by... financial institutions [from which those consumers] obtain financial products or services primarily for personal, family or household purposes." While primarily directed at banks, schools that provide or help their students obtain financial aid also fall under GLBA's purview.
The question then arises: Can a school that uses Populi be considered GLBA-compliant?
According to 16 CFR § 313.1, "Any institution of higher education that complies with the Federal Educational Rights and Privacy Act (“FERPA”), 20 U.S.C. 1232g, and its implementing regulations, 34 CFR part 99, and that is also a financial institution subject to the requirements of this part, shall be deemed to be in compliance with this part if it is in compliance with FERPA."
Thus, if you're in compliance with FERPA, you are considered to be in compliance with GLBA. As this article makes clear, Populi does all it can to help your school comply with the FERPA guidelines.