Protection of confidential customer information such as social security and credit card numbers contained in email, IM, and other electronic formats is required to meet regulatory compliance requirements, including PCI DSS, the Sarbanes-Oxley Act, HIPAA, the Gramm-Leach-Bliley Act, SEC, NYSE, NASD, etc. Companies must prepare and protect themselves with the proper compliance and auditing data security and management solutions.
PCI DSS, the Payment Card Industry Data Security Standard, is a set of comprehensive requirements for enhancing payment account data security. It was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa, Inc., to help facilitate the broad adoption of consistent data security to protect customer account data.
The Health Insurance Portability and Accountability Act (HIPAA), passed in 1996 by the U.S. Congress, involves health insurance providers, employers, and employees and families. Title II of HIPAA, the Administrative Simplification (AS), addresses the security and privacy of health data and the use of electronic data interchange in the U.S. health care system.
The Sarbanes-Oxley Act of 2002, passed in July 2002, is a U.S. federal law enacted following a number of major corporate and accounting scandals.
The Sarbanes-Oxley Act states that business information, including email and messaging data, must be retained by organizations for compliance.
The Gramm-Leach-Bliley Act, passed in November 1999 by the U.S. Congress, involves competition among banks, securities companies and insurance companies. Included in the GLB Act, the Financial Privacy Rule addresses the collection and disclosure of customers' personal financial information by financial institutions, which must have a policy in place to protect against threats to security and data integrity.
ction of confidential customer information and proper management of financial and personal data
Other Regulatory Compliance