| Regulation | Purpose of the Regulation | Who Is Affected? |
|---|---|---|
| Health Insurance Portability and Accountability Act (HIPAA) | This act is a two-part bill. Title I protects the health care of people who are transitioning between jobs or are laid off. Title II is meant to simplify the healthcare process by shifting to electronic data; it also protects the privacy of individual patients. | Any company or office that deals with healthcare data. That includes, but is not limited to, doctor’s offices, insurance companies, business associates, and employers. |
| Health Information Technology for Economic and Clinical Health Act (HITECH) | The HITECH Act mandates audits of health care providers to investigate and determine whether they are in compliance with the HIPAA Privacy Rule (effective in 2003) and Security Rule (effective in 2005). | If you are required to comply with HIPAA standards, then you are required to comply with HITECH. |
| Gramm-Leach-Bliley Act (GLBA) | This act allowed insurance companies, commercial banks, and investment banks to operate within the same company. As for security, it mandates that companies secure the private information of clients and customers. | This act defines “financial institutions” as “…companies that offer financial products or services to individuals, like loans, financial or investment advice, or insurance.” |
| | A set of 12 regulations designed to reduce fraud and protect customer credit card information. | Companies handling credit card information. |
| General Data Protection Regulation (GDPR) | Aims to protect citizens in the European Union (EU) from data breaches. | The GDPR applies to all companies processing personal data of people residing in the EU, even if the company is not physically located or based in the EU. |
| | This act requires companies to maintain financial records for seven years. It was implemented to prevent another Enron scandal. | U.S. public company boards, management, and public accounting firms. |