Achieving Regulatory Compliance
HIPAA
The Health Insurance Portability and Accountability Act (HIPAA) requires organizations in the healthcare industry to provide appropriate administrative, physical, and technical safeguards for patient information.

Achieving HIPAA Compliance
HIPAA requires organizations to establish and maintain reasonable and appropriate administrative, technical, and physical safeguards to ensure the integrity, confidentiality, and availability of the information. Healthcare organizations are required to individually assess their security and privacy requirements and take suitable measures to implement electronic data protection, both in transit and in storage. As proposed, a HIPAA-compliant information system will need to include a combination of administrative procedures, physical safeguards, and technical measures to protect patient information while it is stored and while it is transmitted across communication networks.
SOX
The Sarbanes-Oxley (SOX) Act places specific requirements on an organization around the length and mechanisms for retention of its financial records. Created in the wake of the Enron and WorldCom corporate frauds, the SOX Act is designed to safeguard against illegal financial activities and other accounting errors.

Achieving SOX Compliance
The SOX Act states that electronic records must be saved for five years to ensure that auditors and regulators can obtain requested documents. Organizations regulated under SOX must look to a storage format that will ensure their ability to satisfy this legal requirement.
GLB
The Gramm-Leach-Bliley (GLB) Act ensures consumer privacy at financial institutions such as banks, thrifts, credit unions, insurance firms, brokerages, tax and accounting services, investment services, etc.

Achieving GLBA Compliance
All customers of financial institutions who maintain a relationship with or obtain products and services from the institution are protected under GLBA. The products and services may range from mortgages, credit card accounts, brokerage/investment accounts, insurance services, accounting and tax services, and others. Financial institutions are required to keep a variety of non-public personal information, and personally identifiable financial information is subject to privacy controls under GLBA.
SEC
The Securities and Exchange Commission (SEC) and the National Association of Securities Dealers (NASD) have also defined compliance regulations for the storage of financial records and electronic communications.

Achieving SEC/NASD Compliance
SEC and NASD have instituted specific regulations that demand compliance with storage practices for financial records and electronic communications.