- Gramm-Leach-Bliley Act (GLBA)
Network Vigilance ensures compliance with GLBA by utilizing several layers of security to protect the information stream wherever it may lie. Personally identifiable information is a concern to every consumer. We help to ensure privacy and integrity by enforcing security in and out of the network, via firewall or VPN, with controls ranging from log monitoring to full disk encryption.
- The Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule
Title II of HIPAA, the Administrative Simplification (AS) provisions, requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers.
The AS provisions also address the security and privacy of health data. The standards are meant to improve the efficiency and effectiveness of the nation's health care system by encouraging the widespread use of electronic data interchange in the US health care system.
The following types of companies are affected by this legislation:
- Medical Institutions
- Insurance Carriers
- Universities & Colleges
- Any company which stores and maintains personal healthcare information
- Payment Card Industry Data Security Standard (PCI DSS)
Network Vigilance is an Approved Scanning Vendor (ASV) helping companies to maintain their PCI compliance by producing quarterly scan reports. We also partner with several Qualified Security Advisors (QSA) that work with companies that require annual on-site assessments. By utilizing the results of the quarterly scans and, in the case of larger merchants, reviewing the results of the QSA report, Network Vigilance can recommend solutions to help mitigate the risk faced by all companies that accept credit cards.
- Sarbanes-Oxley Act of 2002 (SOX)
Network Vigilance helps companies maintain the integrity of their financial information by implementing log management controls to verify legitimate access to information and record potential violations of these rules. Through the utilization of data security measures, the officers that must sign off on Section 404 can do so knowing that the report provided is true and accurate.
- Other Compliance Regulations
From an overall security point of view, Network Vigilance can help companies and organizations with the multitude of compliance requirements out there today. Security is not enacted by a name but by a methodology. For specific information about becoming compliant with any of the regulations, whether private or governmental, please contact your account manager. Other compliance arenas that we have assisted with include:
- Federal Information Security Management Act of 2002 (FISMA)
- California SB 1386
- Family Educational Rights and Privacy Act (FERPA)
- Federal Energy Regulatory Commission (FERC)
- North American Electric Reliability Corporation (NERC)