Security Compliance
Controlling risks to personal information through enhanced information security has become the subject of state and federal laws.
The recent upsurge in the number of state and federal laws and regulations represents an emerging legal standard that imposes obligations on businesses and institutions
to protect the data they collect, store, process, use, and disclose. These laws increasingly affect how institutions, often operating in multiple jurisdictions,
handle personal information, including sensitive health and financial data. Many of the new laws require disclosures to victims when there is
unauthorized access to systems containing sensitive information. Failure to protect this type of information will inevitably result in public
embarrassment and the financial costs associated with managing the response to incidents and may also result in investigations, fines, and other penalties.
Information Security Laws and Regulations
Security
Practice(s) |
HIPPA
Standards
| GLBA
Regulations
| PCI-DSS
| |
|---|---|---|---|---|
Security
Management
Process (risk analysis, risk management, periodic reviews of effectiveness) |
 |
|
|
|
Assigned
Security
Responsibility (partial or complete assignment of responsibility for information protection) |
|
|
|
|
Workforce
Security (authorization and/or supervision of workforce or contractors, clearance and termination processes) |
|
|
|
|
Management
of
information
Access
|
|
|
|
|
Security
Incident
Procedures
|
|
|
|
|
Contingency
Planning |
|
|
|
|
Evaluation |
|
|
|
|
Contracts |
|
|
|
|
Security
Awareness
Through
Training
|
|
|
|
|
Call Us: 1-877-748-7866
A Stone Street Solutions Team Member can assist you in customizing a solution designed for your environment. Call us to discuss which options will work best for you.
from a service specialist >>>