We are Compliant. Are you?
An enterprise is only as strong as its weakest link.
Identifying and acknowledging strengths, weaknesses
and potential risks is critically important to the
equation.
Business governance and compliance tend to be specific
to an industry or set of work activities or transactions.
The security aspects of data and information (confidentiality,
integrity and availability) are built into compliance,
which in turn ensures the authenticity of business transactions.
Some common areas of compliance today
GDPR
(General Data Protection Regulation) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. It also addresses the export of personal data outside the EU and EEA areas. Wikipedia
HIPAA
A regulation designed to protect personal information and data collected and stored in medical records. The Health Insurance Portability and Accountability Act established a national standard to be used in all doctors’ offices, hospitals and other businesses where personal medical information is stored. In addition to protecting personal medical information, HIPAA also gives patients the right to view their medical records and request changes if the data is incorrect. HIPAA (Health Insurance Portability and Accountability Act of 1996) is United States legislation that provides data privacy and security provisions for safeguarding medical information. www.businessdictionary.com
CIPA
(Children’s Internet Protection Act) was enacted by the United States Congress in 2000 to address concerns about children’s access to obscene or harmful content over the Internet. CIPA imposes certain requirements on schools or libraries that receive discounts for Internet access or internal connections through the E-rate program, a program that makes certain communications services and products more affordable for eligible schools and libraries. In early 2001, the FCC issued rules implementing CIPA and provided updates to those rules in 2011. www.fcc.gov
PCI
The Payment Card Industry Security Standards Council was originally formed by American Express, Discover Financial Services, JCB International, MasterCard and Visa Inc. on 7 September 2006, with the goal of managing the ongoing evolution of the Payment Card Industry Data Security Standard. Wikipedia