Information Security and Privacy
 


Regulatory Compliance List

List of regulations that impact Washington University and who they impact.
  
1
HIPAA
Health Insurance Portability and Accountability Act - legislation that includes requirements for the privacy and security of identifiable patient health information. Privacy covers all records, whether paper or electronic, and Security focuses on electronic information.
All departments that produce, use, store or transmit patient health records.
2
FISMA
Federal Information Security Management Act - requirements for security controls to be in place when federally regulated information is stored.
Departments that produce, use, store or transmit information to the Veterans Affairs patient database.
3
FDA Part 11
Requirements for controls that provide non-repudiation of electronic signatures for records that are intended for the Food and Drug Administration.
Departments that take part in drug trials will need to comply.
4
PCI DSS
PCI DSS stands for Payment Card Industry Data Security Standard. It was developed by the major credit card companies as a guideline to help organizations that process card payments prevent credit card fraud, hacking and various other security issues. A company processing, storing, or transmitting credit card numbers must be PCI DSS compliant or it risks losing the ability to process credit card payments. Merchants and service providers must validate compliance with an audit by a PCI DSS Qualified Security Assessor (QSA) Company.
Departments that process credit cards for payment of services.
5
Chemical Facility Anti-Terrorism Standards
The Department of Homeland Security has issued Chemical Facility Anti-Terrorism Standards for any facility that manufactures, uses, stores, or distributes certain chemicals above a specified quantity.
 
Environmental Health & Safety and other information sources that track DHS-identified chemicals.
7
Gramm-Leach-Bliley Act (GLBA)
Governs the collection, disclosure, and protection of consumers' nonpublic personal information, or personally identifiable information.
8
Family Educational Rights and Privacy Act (FERPA)
Protects the privacy of student education records.