What is SOX?
The Sarbanes-Oxley Act of 2002 is a federal law that established sweeping auditing and financial regulations for public companies.
Lawmakers created the legislation to help protect shareholders, employees and the public from accounting errors and fraudulent financial practices.
What is PCI?
Being Payment Card Industry (PCI) compliant means that a merchant adheres to the set of procedures and policies developed to protect credit and debit card transactions and to prevent the misuse of cardholders' personal information.
Five different programs had been started by the card companies:
The Payment Card Industry Security Standards Council (PCI SSC) was then formed, and these companies aligned their individual policies to create the PCI DSS. MasterCard, American Express, Visa, JCB International and Discover Financial Services established the PCI SSC in September 2006 as an administrative and governing entity that mandates the evolution and development of the PCI DSS.
Independent/private organizations can participate in PCI development after proper registration. Each participating organization joins a particular SIG (Special Interest Group) and contributes to the activities which are mandated by the SIG.
What is HIPAA?
HIPAA is the acronym for the Health Insurance Portability and Accountability Act, which was passed by Congress in 1996. HIPAA:
Provides the ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose their jobs;
Reduces health care fraud and abuse;
Mandates industry-wide standards for health care information on electronic billing and other processes; and
Requires the protection and confidential handling of protected health information.
What is GDPR?
The General Data Protection Regulation (GDPR) standardizes data protection law across all 28 EU countries and imposes strict new rules on controlling and processing personally identifiable information (PII).
It also extends the protection of personal data and data protection rights by giving control back to EU residents. GDPR replaces the 1995 EU Data Protection Directive, and went into force on May 25, 2018. It also supersedes the 1998 UK Data Protection Act.
More Than Enough?
Regulations, Legislation, Compliance, Assessments,
Staffing, Implementation, Documentation, Funding...
...when enough has become more than enough!