Health Insurance Portability and Accountability Act - legislation that includes requirements for the privacy and security of identifiable patient health information. Privacy covers all records, whether paper or electronic, and Security focuses on electronic information.
|All departments that produce, use, store or transmit patient health records.|
Federal Information Security Management Act - requirements for security controls to be in place when federally regulated information is stored.
|Departments that produce, use, store or transmit information to the Veterans Affairs patient database.|
Requirements for controls to ensure non-repudiation of electronic signatures for records that are intended for the Food and Drug Administration.
|Departments that take part in drug trials will need to comply.|
PCI DSS stands for Payment Card Industry Data Security Standard. It was developed by the major credit card companies as a guideline to help organizations that process card payments prevent credit card fraud, hacking and various other security issues. A company processing, storing, or transmitting credit card numbers must be PCI DSS compliant or it risks losing the ability to process credit card payments. Merchants and service providers must validate compliance with an audit by a PCI DSS Qualified Security Assessor (QSA) Company.
|Departments that process credit cards for payment of services.|
The Department of Homeland Security has issued Chemical Facility Anti-Terrorism Standards for any facility that manufactures, uses, stores, or distributes certain chemicals above a specified quantity.
|Environmental Health & Safety and other information sources that track DHS-identified chemicals.|
Govern the collection, disclosure, and protection of consumers' nonpublic personal information, or personally identifiable information.
Protects the privacy of student education records.