The dramatic increase in cyber crime, frequent cases of lack of internal corporate financial controls, and the recognized value of information to companies and individuals have resulted in the enactment of legislation and regulations requiring significant improvements in information protection. In the U.S., the Healthcare Insurance Portability and Accessibility Act (HIPAA) mandates very stringent protection of all individually identifiable healthcare information. Information protection requirements have been placed on government and private organizations by legislation such as the Homeland Security Information Sharing Act (HSISA, H.R.

A long list of new requirements has been placed on protection of information:

Passed in 2002, this Act places strict requirements on company Boards and Officers to proactively prevent mishandling of information.

Gramm-Leach-Bliley Financial Services Modernization Act mandates strong protection of personal financial

California SB 1386 (the California Data Security Act) requires control of privacy of individual financial

New York Reg. 173 mandates the active encryption of sensitive financial information sent over the Internet.

Homeland Security Information Sharing Act (HSISA, H.R. 4598), Security Rules and Regulations.

Healthcare Insurance Portability and Accessibility Act (HIPAA) places liability on anyone who fails to properly protect patient health information, including bills and health-related financial information.

International Organization for Standardization (ISO) 17799. This standard defines an extensive approach to achieving information security, including communications systems requirements for information handling and risk

European Union Data Protection Directive mandates protection of personal data.

Japanese Protection for Personal Information Act, Kojin Joho Hogo HouA, May 2003.

17CFR Part 210s records retention.

IASBs accounting procedures from AICPA and FASB.

SEC and NASD, 21 CFR Part 11.

NASD rules 2711 and 3010.

FDA 21 CFR-11.