You are at risk
You are facing increasing regulatory compliance requirements. If your users' information is exposed, you could face significant financial losses. Our solutions identify and protect you against these risks.
General Data Protection Regulation (GDPR)
- You are legally obligated to notify authorities of a data breach within 72 hours of discovery. You face a fine of up to the greater of €20MM or 4% of your annual revenue.
- We have partnered with the world's foremost experts:
- Section 302 - Identification of deficiencies in internal controls.
- Section 404 - Establishing and maintaining internal controls.
Health Insurance Portability and Accountability Act (HIPAA)
- 164.312(a)(2)(iv) - Encryption and Decryption. A mechanism to encrypt and decrypt Electronic Protected Health Information (EPHI).
- 164.312(c)(1) Integrity. Implement policies and procedures to protect EPHI from improper alteration or destruction.
- 164.312(c)(2) Electronic mechanisms to corroborate that EPHI has not been altered or destroyed in an unauthorized manner.
- 164.312(d) Person or Entity Authentication. Procedures to verify that a person or entity seeking access to EPHI is the one claimed.
- 164.312(e)(1) Transmission Security. Technical security measures to guard against unauthorized access to EPHI that is being transmitted over an electronic communications network.
- 164.312(e)(2)(i) Security measures to ensure that electronically transmitted EPHI is not improperly modified without detection until disposed of.
- 164.312(e)(2)(ii) A mechanism to encrypt EPHI whenever deemed appropriate.
Payment Card Industry Data Security Standard (PCI DSS)
Protect Cardholder Data
- Protect stored cardholder data.
- Encrypt transmission of cardholder data across open, public networks.
Maintain a vulnerability management program
- Protect all systems against malware and regularly update anti-virus software or programs.
- Develop and maintain secure systems and applications.
Implement strong access control measures
- Restrict access to cardholder data by business need to know.
- Identify and authenticate access to system components.
- Restrict physical access to cardholder data.
Monitor & Test Networks
- Track and monitor all access to network resources and cardholder data.
- Regularly test security systems and processes.