New federal and international regulations bring a wave of new requirements and processes, both technical and organizational, that will safeguard personal information and by proxy protect all information technology.
New organizational and technical measures have been put in place to assure your data privacy and control. Specifically:
Ensure reliable service to our customers
Ensure security and privacy of our systems and network, as well as the networks and systems of others
Comply with existing laws
Maintain our reputation as a responsible service provider
Encourage responsible use of the Internet and discourage activities which reduce the usability and value of Internet services
Preserve the privacy and security of individual users
HIPAA (Health Insurance Portability and Accountability Act of 1996) provides detailed instructions for handling and protecting a patient’s personal health information.
Which industries must follow HIPAA?
The following entities must follow the Health Insurance Portability and Accountability Act (HIPAA) regulations. The law refers to these as “covered entities”:
Most health care providers, including doctors, clinics, hospitals, nursing homes, and pharmacies
Health care clearinghouses
ExchangeDefender technologies service thousands of healthcare organizations to assist them in complying with the latest HIPAA regulations when it comes to their email.
ExchangeDefender (Own Web Now Corp) is pleased to announce full compliance with the General Data Protection Regulation (GDPR), which went into effect May 25, 2018. GDPR is a regulation in European Union law that aims to improve data protection and privacy. As a global company, and as one whose primary mission is email security, we see many of the requirements in this new law not just as necessary but also as long overdue.
ExchangeDefender helps organizations comply with GDPR by automating detection of sensitive private information and EU client data, tracking consent, and providing powerful audit & policy wizards that alert you to potential issues.
Which industries are affected by GDPR?
Most are. The GDPR applies wherever you are processing ‘personal data’. This means if you can identify an individual either directly or indirectly, the GDPR will apply.
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that process credit cards. The standard was created to increase controls around cardholder data to prevent credit card fraud.
Which organizations need to comply?
PCI DSS compliance is required by credit card companies to make online transactions secure and protect them against identity theft. Any merchant that wants to process, store or transmit credit card data is required to be PCI compliant, according to the PCI Compliance Security Standard Council.
The California Consumer Privacy Act (CCPA) offers consumers the right to opt out of the sale of their personal information, the right to access their personal information, and the right to delete their personal information.
5 Key Requirements for the California Consumer Privacy Act
ExchangeDefender helps organizations within the United States comply with the new CCPA bill by controlling data access and enabling service-level agreements. We ensure that all email security measures have been taken to be in compliance with the CCPA.