Data Security

human-I-T
Takes Data Security Very Seriously

Multiple Options for Every Type of Business

With increased mandates for electronic record keeping, data security has become even more important for public companies and government entities.

Our data destruction software is compliant with the following laws:

  • Health Insurance Portability and Accountability Act (HIPAA)
  • Gramm-Leach-Bliley Act (GLBA)
  • Fair and Accurate Credit Transactions Act (FACTA)
  • Federal Information Security Management Act (FISMA)
  • Personal Information Protection and Electronic Documents Act (PIPEDA)
  • Sarbanes-Oxley Act (SOX)
Certificate of Destruction Policy
View PDF

HIPAA

Data Security for Health Plans, Health Care Clearinghouses, and Health Care Providers.

HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.

Workstation and Device Security. A covered entity must implement policies and procedures to specify proper use of and access to workstations and electronic media. A covered entity also must have in place policies and procedures regarding the transfer, removal, disposal, and re-use of electronic media, to ensure appropriate protection of electronic protected health information (e-PHI).

GLBA

Data Security for Banks and Financial Institutions.

The Gramm-Leach-Bliley Act requires financial institutions – companies that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data. Specifically, human-I-T helps assist Banks, Credit Unions and other companies adhere to the Federal Trade Commission’s (FTC’s) Disposal Rule. Where applicable, the GLBA requires that customer information is disposed of in a secure way.

FACTA

Data Security for Credit Institutions and Reporting Agencies.

The Fair and Accurate Credit Transaction Act of 2003 (FACTA) added sections to the federal Fair Credit Reporting Act (FCRA, 15 U.S.C. 1681 et seq.), intended primarily to help consumers fight the growing crime of identity theft. Accuracy, privacy, limits on information sharing, and new consumer rights to disclosure are included in FACTA.

FISMA

Data Security for Federal Executive Branch Civilian Agencies.

FISMA requires federal agencies to implement a mandatory set of processes and system controls designed to ensure the confidentiality, integrity, and availability of system-related information. The processes and systems controls in each federal agency must follow established Federal Information Processing Standards, National Institute of Standards and Technology standards, and other legislative requirements pertaining to federal information systems, such as the Privacy Act of 1974.

PIPEDA

Data Security for Private Sector Organizations and Commercial Activity.

The Personal Information Protection and Electronic Documents Act (PIPEDA) sets out ground rules for how private sector organizations may collect, use or disclose personal information in the course of commercial activities. PIPEDA also applies to federal works, undertakings and businesses in respect to employee personal information. The law gives individuals the right to access and request correction of the personal information these organizations may have collected about them.

SOX

Data Security for Public Companies and Financial Reporting.

The Sarbanes-Oxley Act of 2002 (SOX) mandated a number of reforms to enhance corporate responsibility, enhance financial disclosures and combat corporate and accounting fraud. It created the “Public Company Accounting Oversight Board,” also known as the PCAOB, to oversee the activities of the auditing profession.

Sign up to stay up to date with news, trends and human-I-T events!
Sign Up