Solution Briefs

The New York State Information Security Breach and Notification Act, passed in 2009, amended the State Technology Law (Section 208) and the General Business Law (Section 899-aa) to more clearly define the parameters of what constitutes a data breach.

The Georgia Personal Identity Protection Act (GPIPA) was expanded in 2007 to cover three types of entities: information brokers, data collectors, and people or businesses that maintain computerized data on behalf of an information broker or data collector, which includes public universities and other state and local agencies.

CREDANT Solutions for PIPEDA Compliance - Canadian regulation protects individual rights on personal data protection

As of April 1st, 2009, businesses in Texas are now required to protect all email transmissions and personal identifying information. The Texas Identity Theft Enforcement and Protection Act is one of the strongest and most comprehensive of these laws.

The PCI Security Standards Council was founded in 2007 by American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa, Inc. Working with a wide range of industry and technology advisors, the Council developed the Payment Card Industry Data Security Standard (PCI DSS) to reduce risks to PCI members, merchants, service providers and consumers.

Signed into law on February 17, 2009 the American Recovery and Reinvestment Act of 2009 dedicates substantial resources to health information technology to support the electronic exchange and use of health information.

More than 700 enterprises and government agencies relay on CREDANT for security compliance.

Tennessee Senate Bill 3671 mandates a number of rigorous penalties for state and local government entities which fail to safeguard confidential citizen information on laptops and removable storage devices. 

The Massachusetts law—201 CMR 17.00: Standards for the Protection of Personal Information of Residents of the Commonwealth—is intended to ensure the security and confidentiality of personal data of Massachusetts residents.

Enacted in 2008, HB 1197 requires the Indiana state attorney general to publish notice of a security breach involving personal data managed by companies.

In line with breach notification laws recently passed in other U.S. states, Florida State Statute 817.5681 requires notification by companies doing business in Florida.

The OMB Data Security Directive that instructed all federal agencies to comply with specific data security guidelines issued by the National Institute of Standards and Technology (NIST). 

CREDANT Mobile Guardian ensures that SOX encryption and security mandates are consistently and effectively enforced – no matter where the data resides.

Compliance with this California law has become a major security issue for companies worldwide. But companies can avoid the reporting requirement by encrypting all personal information, and that’s where CREDANT comes in.

Safe Harbor encryption and security mandates can easily be met with CREDANT Mobile Guardian, allowing multinational organizations to routinely share personal information.

With CREDANT, companies can protect cardholder data from leaving via an unprotected USB flash drive; provide confidentiality, privacy and auditing of data residing on any endpoint; and protect sensitive data from unwarranted access.

By encrypting and securing patient data across multiple platforms, CREDANT offers the ideal technology solution for hospitals and healthcare facilities.

When commercial and investment banks consolidate, protecting personal information can be difficult. CREDANT helps these institutions meet GLBA requirements and avoid severe civil and criminal penalties.

With CREDANT, organizations can encrypt data using FIPS-140-2 complaint algorithms; eliminate the risk of users placing data in non-encrypted areas; provide confidentiality and auditing of data on any endpoint; and protect data from unwarranted access.

Today’s law firms must understand and adhere to several laws and regulations. CREDANT delivers data security that meets modern demands, yet doesn’t interfere with a firm’s ability to quickly find and disclose relevant information.

CREDANT offers automated endpoint data security administration, comprehensive reporting, and the ability to quickly implement changes to meet today’s data at rest security needs.

Backed by CCTM certification, CREDANT Mobile Guardian provides UK government entities with IT security solutions that meet requirements, regardless of where the data resides.