Network Security Regulations




As organizations moved critical services and client data onto the Internet, new regulations soon followed. Today, financial, health care and many other organizations are directly affected by security regulations from the Gramm-Leach-Bliley Act (GLBA), OCC, HIPAA, Sarbanes-Oxley, FDIC, the Patriot Act and others. Below is a brief description of the major regulations that affect network security.

GLBA: The Gramm-Leach-Bliley Act requires financial institutions to have a security plan to protect the confidentiality and integrity of personal consumer information.

HIPAA: The U.S. Department of Health and Human Services issued a final rule in February 2003 that adopts standards for the security of electronic health information as part of the implementation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The purpose of the rule is to adopt national standards for safeguarding the confidentiality, integrity, and availability of protected health information.

Sarbanes-Oxley Act: The Sarbanes-Oxley Act of 2002 mandated a number of reforms to enhance corporate responsibility, enhance financial disclosures and combat corporate and accounting fraud. Its impact on IT departments is that it requires corporations to put internal controls in place to secure the corporation's financial data and to provide detailed reporting on those controls for auditors.

© Copyright 2009 Denning Compliance Services, llc.