Coviant Software

Data Protection and Compliance

Compliance Briefs

Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is “both”.

Good business practice dictates data protection for you, your customers, and your business partners — including data-in-motion. But, even the best security practices do not alleviate the need to comply with regulations and standards that can carry high contractual, civil, and criminal penalties. Plus, the indirect loss of faith of your customers or business partners can have an incalculable impact on your bottom line.

HIPAA/HITECH

The Health Insurance Portability and Accountability Act (HIPAA) established national standards for the security of electronic health care information with both civil and criminal penalties for non-compliance by covered entitles, such as hospitals or physician practices. The HITECH Act of 2009 extended these penalties beyond covered entities to their business associates and established more rigorous enforcement policies.

PCI DSS (Payment Card Industry Data Security Standard)

PCI DSS is an assessment tool for use during compliance audits. It enhances payment account data security and help organizations proactively protect customer account data. It was developed and is maintained by the major credit card companies and facilitates the adoption of consistent data security for credit card data. Each entity that has a relationship with a credit card company, financial institution, or their agents must provide compliance validation documentation.

SOX (Sarbanes-Oxley)

SOX mandates that all publicly-traded organizations demonstrate due diligence in the disclosure of financial information. Each organization must also implement internal controls and procedures to protect financial data from unauthorized access, including access that could occur through file transfers.

State Privacy Laws

In addition to Federal regulations, forty-six states, the District of Columbia, Puerto Rico and the Virgin Islands have enacted legislation requiring notification of security breaches involving personal information. Many of which impose both civil and criminal sanctions for failure to comply. The Massachusetts privacy law is one of the most stringent laws and applies to all organizations doing business with residents of Massachusetts

Why do all School Buses Look the Same? (TL;DR: Standardized = good)

When things are standardized, operations are safer, easier, and more cost effective.

Automating and Securing HR Data Transfers to AbsenceSoft

One of the many things I love about my job is hearing from our customers how Diplomat MFT helped them solve a data management and compliance problem. Turns out there are a lot more ways secure, managed file transfer can help organizations interact with customers and...

Coviant Software: Your Trusted Partner for HIPAA Compliance

The Health Insurance Portability and Accountability Act (HIPAA) was passed in 1996 and is one of the first regulations to apply specifically to securing a type of information we now know as protected health information (PHI) in electronic or digital form, both when...

With Diplomat MFT, CitiConnect Compliance is as Simple as 1-2-3

One of the big advantages of a well-built, commercial, secure managed file transfer (MFT) solution compared to an in-house, DIY approach, is an architecture with broad support for integrations and protocols that enable interoperability with other organizations. Many...