Policy & Regulatory Compliance Assessment

Setec Security's Policy & Regulatory Compliance Assessment helps organizations understand and meet the complex, industry-specific governmental policies and regulations mandating the protection of electronic data and sensitive information in a way that exceeds business requirements and maximizes investments.

The increased frequency and intensity of security incidents, including high-profile breaches, continues to result in new legislation at both the state and federal level. Organizations need a complete understanding of the impact of regulations on their core business, and need to verify and validate compliance with these regulations. Setec Security helps organizations sustain asset risk exposures within a prescribed and acceptable range by reviewing in-scope assets for conformity with established security standards.

Setec Security has expertise in the following regulatory areas:
  • Gramm-Leach-Bliley Act (GLBA) - Comprehensive law requiring financial institutions to protect the security, integrity, and confidentiality of consumer information, while requiring a higher level of security awareness and understanding
  • Health Insurance Portability and Accountability Act (HIPAA) - Far-reaching legislation that governs privacy, security, and electronic transactions of health care information
  • Sarbanes-Oxley - Legal mandates requiring all public organizations to demonstrate due diligence in the disclosure of financial information and to implement a series of internal controls and procedures to communicate, store, and protect that data
  • California Senate Bill No. 1386 - Mandates that all entities conducting business in California through electronic means must report breaches of security that could affect California residents
  • Children's Online Privacy Protection Act (COPPA) - Rules dictating what a web site operator must include in a privacy policy, when and how to seek verifiable consent from a parent and what responsibilities an operator has to protect children's privacy and safety online
  • BS 7799 & ISO 17799 - International security standard containing a comprehensive set of controls, including best practices in information security, comprising a code of practice [ISO 17799] and a specification for an information security management system [BS 7799-2]
In addition, Setec Security is proficient in various other government standards.

 
