top of page

Regulatory Laws

Digital Data Solutions provide several ways to satisfy these requirements.

​

  1. Encryption that ensures privacy for sensitive data

  2. Rapid access and retrieval of information required.

  3. Coverage for servers, desktops, laptops, and remote computers

  4. Protection against data loss  from natural disasters, human error, or sabotage

 

Gramm-Leach-Bliley   (GLB)

requires banking and financial institutions across the United States to describe how they will protect the confidentiality and security of consumer information.

Gramm-Leach-Bliley applies to the following industries:

Automobile Leasing companies, Banks, Securities Brokers, Credit Union Real Estate Appraisers, Insurance Companies

If you are found non-compliant, you could be vulnerable to severe fines and even subject to class-action lawsuits.

 

The Fair and Accurate Credit Transaction Act  (FACTA)

(FACTA) is a broad sweeping consumer rights bill providing for the securing, handling and disposal of consumer information.

It is designed to reduce the risk of identity theft and consumer fraud. FACTA enforces the proper dissemination and destruction of consumer information such as name, address, Social Security Number, credit information and data compiled from this information.

There are penalties if you are found non-compliant.  You could be vulnerable to severe fines and even subject to class-action lawsuits.

 

The Health Insurance Portability and Accountability Act   (HIPP) / (HIPAA)

ensure healthcare organizations in the U.S. will be responsible for the secure access and electronic transmission of patient information and the secure storage and disposal of that information.

HIPPA non-compliance can have devastating consequences. It not only opens you up to severe fines and penalties, but also to litigation and negative publicity.

 

Sarbanes-Oxley Act  (SOX)

(SOX)  requires all public companies to submit an annual assessment of the effectiveness of their internal financial auditing controls to the Securities and Exchange Commission (SEC). Additionally, each company’s external auditors are required to audit and report on the internal control reports of management, in addition to the company’s financial statements.

The penalties for non-compliance may be lawsuits and negative publicity. A Corporate Officer who does not comply or submits an inaccurate certification is subject to a fine up to $1 million and ten years in prison, even if done mistakenly.

 

​

 Health Information Technology for Economic and Clinical Health  (HITECH)

(HITECH) added new security provisions including

  • Requirement to notify patients & HHS and PHI(Protected Health Information) about security breaches.

  • New HIPPA regulations regarding business partners and enforcement of penalties

  • Restriction on the sale and marketing of PHI

  • Ensuring that patients have access to their electronic health information

  • Accounting of disclosures of PHI to patients.

In short, the privacy restrictions will be more stringent; with more stringent patient access and notification requirements should any breach in security occur.

 

CRF  128 K

(CRF  128 K) IS TO ENSURE THAT Federal records are stored properly in structures where they’ll be protected from danger such as fire, weather, mold  etc. This protection extends to electronic and nontectural records. 

WHO must comply all federal agencies as well as their contractors, integrators and other partners.

Penalties for non compliance is up to 10years prison sentence and/or a mximum $1 million dollar fine.

 

SEC Rule 17a

(SEC Rule 17a) requires keeping records for reviewing and auditing securities transactions. SEC Rule 17a amends Security Exchange Act of 1934 to allow broker-dealers to store electronically, including electronic communications such as email and instant messages.

Penalty for non compliance is suspension and potential fines up to $1 million dollars.

​

 

FRCP RUle 26

(FRCP Rile 26) governing discovery and disclosure of information relevant to civil lawsuits. Any enterprise can become involved in a civil lawsuit. Enterprises must produce requested information rapidly and completely. Enterprises must demonstrate good-faith efforts to retain and produce data, and that destruction of data is not deliberate but part of routine records purging.

Penalties include  fines, sanctions and negative outcomes of lawsuit.

 

Digital data solutions provide several ways to satisfy these requirements.

  1. Encryption that ensures privacy for sensitive data

  2. Rapid access and retrieval of information required.

  3. Coverage for servers, desktops, laptops, and remote computers

  4. Protection against data loss  from natural diseasters, human error, or sabotage

bottom of page