


Compliance, Corporate Governance and IT security

Over the last 5 years we have seen significant changes in the attitude of regulators towards the commitment of different industries to information privacy.  In the USA and in Europe, specific laws have been passed that require corporate due diligence and compliance.  Increasingly, fines and even criminal penalties are being applied where compliance is ignored.
      



Sarbanes-Oxley (SOX)
This paper considers the Sarbanes-Oxley regulation.  Corporate governance and compliance have become critical issues for most organizations.  Sarbanes-Oxley can affect the IT security requirements, which inevitably form part of formal company reporting.


HIPAA (Health Insurance Portability & Accountability Act)
HIPAA is a very wide-ranging regulation addressing information handling requirements at professional and technical levels.  We concentrate on the areas of the HIPAA Security Rule with regard to the upcoming requirements to implement technical measures that ensure privacy in all its requirements.


Gramm-Leach-Bliley Act (GLBA)
This paper considers the application of the Gramm-Leach-Bliley Act (GLBA) to information security.  GLBA requires the enhanced protection of non-public personal information, including health information.  It applies specifically to the finance industry, and again there is a requirement for compliance.


ISO 17799 (BS7799)
This paper addresses how the enterprise should manage its information security consistent with management standards such as ISO 9000/14000.  It contains over 200 controls that an enterprise should consider implementing, including the management requirements for outsourcing systems and services.