Seven Steps to Information Security Compliance

Cyber communications technology is continually advancing. E-mail is already the most used form of communication, and the use of radio frequencies and satellite relays will soon facilitate wireless communication from anywhere on the planet. The...


HIPAA: The Health Insurance Portability and Accountability Act requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers. Provisions also address the security and privacy of electronic health data.

SOX: The Sarbanes-Oxley Act was designed to restore investor confidence following the outbreak of corporate scandals and bankruptcies around 2000. Although the purpose of SOX was to ensure corporate financial accountability and eliminate the risk of any future Enron-type debacle, it has had a major impact on IT departments. SOX requires companies to store and protect all relevant financial records for seven years.

GLBA: The Gramm-Leach-Bliley Act is designed to protect the private financial information of consumers. The law instructs financial institutions to secure and protect private information from unauthorized use or access.

ISO 17799: According to Praxiom Research Group Ltd., "The ISO/IEC 17799 standard consists of recommended best practices for information security. The standard is all-encompassing. It takes a very broad approach to information security. In the context of this standard, the term information includes all forms of data, documents, communications, conversations, messages, recordings and photographs."