Worldwide Privacy Regulations

In the interest of aiding our existing and potential customers with information on privacy and data security regulations, we maintain an up-to-date summary of relevant legislation and related links.

If you would like to discuss these regulations any further, please contact us.

USA

Health Insurance Portability and Accountability Act (HIPAA). The Health Insurance Portability and Accountability Act (HIPAA) was passed by Congress in 1996. As part of the Act, Congress called for regulations promoting administrative simplification of healthcare transactions as well as regulations ensuring the privacy and security of patient information. More information on HIPAA

Sarbanes-Oxley Act (SOX, SarBox). This Act (also known as the Public Company Accounting Reform and Investor Protection Act of 2002) is a United States federal law passed in response to a number of major corporate and accounting scandals, including those affecting Enron, Tyco International, and WorldCom (now MCI). The legislation is wide-ranging and establishes new or enhanced standards for all U.S. public company boards, management, and public accounting firms. More information on SOX

Gramm-Leach-Bliley Act (GLBA). This Act (also known as The Financial Modernization Act of 1999) seeks to protect consumers' personal financial information held by financial institutions. It requires financial institutions to protect customer records and prevent unauthorized access to and use of them. More information on GLBA

California Security Breach Information Act (SB 1386). Senate Bill 1386 went into effect in July 2003. It requires state agencies and companies conducting business in California to disclose any breach of security to any resident whose unencrypted data is believed to have been disclosed. More information on SB 1386

Canada

Personal Information Protection and Electronic Document Act (PIPED). This Act sets out ground rules for how private sector organizations may collect, use or disclose personal information in the course of commercial activities. It includes provisions for maintaining security of data, as well as regulations on its use. More information on PIPED

Europe

Data Protection Directive 95/46/EC. This is a directive on the protection of individuals with regard to the processing of personal data and on the free movement of such data. It covers any data that can be linked to a person (by any means), and any processing of that data. It is applicable to any controller that is established in the EU or uses equipment situated within the EU. More information on 95/46/EC

Data Protection Act (DPA). This Act mandates that the processing of sensitive personal data should be secured in order to protect the privacy of individuals. DPA prohibits the disclosure of personal data to any third party without the explicit consent of the targeted subject. More information on DPA

Australasia

Corporate Law Economic Reform Program (CLERP). The Corporate Law Economic Reform Program (CLERP) is part of the federal government's ongoing program to modernize business regulation in Australia. It was developed to improve productivity and promote business activity and economic development, based upon principles such as market freedom, investor protection, and quality disclosure of relevant information to the market. More information on CLERP