COMPLIANCE REGULATIONS

No matter your industry, data protection is paramount – it ensures personal identifiable information (PII) or protected healthcare information (ePHI/PHI) is kept confidential and secure from fraudulent activity. Some industries, however, are required to follow certain compliance guidelines to ensure data protection is being handled with utmost security. These compliance regulations enforce strict rules on how PII/PHI should be handled internally. At HRS, we understand the importance of keeping compliant and boast about our HIPAA & GLBA compliant services. Below are a few compliance regulations we have experience redacting for.

HIPAA

The HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other identifiable health information. The Rule requires appropriate safeguards to protect the privacy of protected health information and sets limits and conditions on the uses and disclosures that may be made of such information without an individual’s authorization.

FERPA

The Family Educational Rights and Privacy Act (FERPA) is a federal law enacted in 1974 that protects the privacy of student education records. FERPA applies to any public or private elementary, secondary, or post-secondary school. It also applies to any state or local education agency that receives funds under an applicable program of the US Department of Education.

CCPA

The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them. CCPA regulations provide guidance on how to implement the law. Companies are required to give consumers specific notices explaining their privacy practices. The CCPA applies to many businesses, including data brokers.

GDPR

The General Data Protection Regulation (GDPR) is the world’s strictest privacy and security law. It imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. The GDPR will levy harsh fines against those violating its privacy and security standards, with penalties reaching the tens of millions of euros.

GLBA

The Gramm-Leach-Bliley Act (GLBA) requires financial institutions – companies that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data.

FOIA

The Freedom of Information Act (FOIA) states that the public has the right to request access to federal agency records or information unless the records fall under any of nine exemptions contained in the law or by one of three special law enforcement record exclusions.