24X7 NOC/Help Desk: New York Office (212) 763 5555 | Philadelphia Office (610) 249 2400
Regulatory requirements govern many industries. Failing to adhere to security controls around IT may lead to a data breach or loss of client-sensitive information. Alphaserve is well versed in these regulations and can help you navigate the channels of regulatory requirements.
| Regulation | How is your Organization Affected? | Changes | Requirements | How to Reduce Risk to your Organization |
|---|---|---|---|---|
| Payment Card Industry Data Security Standard (PCI-DSS) | Accepting client payment over credit card; dealing with clients that have PCI requirements may create fourth party risk | PCI-DSS 3.2 was just released | Meet the PCI-DSS control requirements; required to fill out self-assessment questionnaire | Stop accepting credit card payments or outsource the risk to a third party |
| HIPAA | Any organization that deals with Electronic Protected Healthcare Information (ePHI) is required to abide by the regulatory standard | Omnibus (2013): requires organizations dealing with ePHI to become Business Associates; HITECH (2009): requires organizations storing electronic health records to meet additional controls | Control requirements for HIPAA are determined by law; required controls for business justification or compensating controls | Ensure the information received has been sanitized; safeguard sensitive information appropriately in line with HIPAA laws |
| GLBA | Requires organizations to securely manage Personally Identifiable Information (PII) | Included information about personnel's privacy in 2009 | Safeguard the PII of consumers; accurately measure fourth party risk | Safeguard any information that may be covered under GLBA; ensure safeguards are taken for wire transfers |
| SEC Requirements | Any organization regulated by the SEC is required to meet new infosec standards | Continuing to become more stringent as they determine a good baseline | Strong focus on Policies, Standards, Procedures and Data Governance | Know where data is stored and who has access, and have policies constructed around information security |