Security Laws

Government Security Laws

Action DataTel has adopted proven checklists to assist you with bringing your business into compliance.  If you aren’t sure about where your business stands, just give us a call.  We can help assess whether you should be in compliance with any Security Laws at all, and if so, which ones.  We can provide compliance for the following:

HIPAA Compliance

Healthcare providers who transmit personal medical data electronically are required to be HIPAA (Health Insurance Portability and Accountability Act) compliant.  This act encompasses the obvious businesses, such as hospitals, pharmacies, and clinics, but also affects dentists, chiropractors, and eye care providers.  HIPAA governs the way confidential patient information is transmitted and handled.  These businesses must adhere to specific data security and physical security practices.

PCI Compliance

Merchants accepting credit cards as a method of payment need to be aware of the requirements established by PCI. Action DataTel assists in meeting all security guidelines specified by the Payment Card Industry Council for Data Security.  This compliance is now required for all businesses that accept major credit cards.

Patriot Act Compliance

If your business engages in international commerce or has clients in specific industries, such as insurance companies, real estate agents, or auto dealers, you may be required to comply with certain provisions of this law.  Many companies believe this law applies only to financial institutions.  In short, the Patriot Act makes private businesses responsible for seeking, detecting, and reporting trespasses into their computers or networks.

Red Flag Compliance

The Red Flags Rules deal with identity theft.  The Rules were adopted in 2009 by six federal agencies, including the Federal Trade Commission and the Board of Governors of the Federal Reserve System.  Under these rules, businesses that provide products or services and bill customers later must implement a written Identity Theft Prevention Program.  Many of the requirements of this law are also covered in the Oregon Identity Theft Protection Act.

Sarbanes-Oxley (SOX) Compliance

The Sarbanes-Oxley Act came into effect in July 2002.  Most think this law affects only publicly traded companies.  In fact, it affects any company that may go public in the future and any private company, anywhere, that has a significant business partner relationship with a US-listed public company.  SOX introduced significant changes to the regulation of corporations and their financial practices.

Oregon Identity Theft Protection Act Compliance

Introduced in 2007, the Oregon Identity Theft Protection Act governs all businesses in Oregon.  It was designed to protect any personal consumer information a business may retain.  Businesses are required to develop and maintain reasonable safeguards to protect the security and confidentiality of their clients' personal information.

 

Take The Next Step

Contact Action DataTel today.  Don’t get caught with a security breach or be fined.  We will help you devise a plan to meet regulatory compliance and the steps to implement it.