COMPLIANCE

Vulnerabilities in information security can cost a business a lot, and not just in terms of customers. State and federal regulations impose steep fines and jail terms for non-compliance with privacy laws. The payment card industry implemented swift and sweeping security requirements for all businesses accepting payment via payment card after massive information losses within Visa and Mastercard. Non-compliance can mean the loss of credit card services, fees up to $500,000 and potential liability for any breaches in information security.

If you are in business, you need to know what the government and your vendors expect of you. Below are some links to the most pertinent regulations and policies for businesses with regard to Information Security and Privacy.

PCI Regulations - All merchants accepting payment cards such as VISA & Mastercard.
HIPAA - Healthcare and healthcare-related vendors such as mail services that process billing.
Gramm/Leach/Bliley - Financial institutions and loan services such as banks, mortgage brokers, auto dealerships, insurance and investment businesses, credit counselors, or collection agencies.
FERPA - Colleges and universities receiving federal funds.
Sarbanes/Oxley - Publicly traded companies and non-profits.