Securing the personal information of customers, partners and employees is more than just a value-added service—it’s often the law. Compliance is closely monitored by a number of government and regulatory bodies.
Here’s a quick look at key links pertaining to email encryption and its examination by regulatory bodies:
The Gramm-Leach-Bliley Act (GLBA) of 1999 protects consumers’ personal financial information held by financial institutions. Its “Safeguards Rule” requires all financial institutions to design, implement and maintain safeguards to secure confidential data. Its guidelines address standards for developing and implementing administrative, technical and physical processes to protect the security, confidentiality and integrity of customer information. For more information, click on:
http://www.ftc.gov/privacy/privacyinitiatives/glbact.html
In GLBA’s Section 501(b), the Federal Deposit Insurance Corporation (FDIC), the Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency and the Office of Thrift Supervision have been ordered to establish standards for protecting the security and confidentiality of financial institution customers’ non-public personal information.
This came into effect on July 1, 2001. To learn more, go to:
http://www.fdic.gov/news/news/financial/2001/fil0168.html
Under the GLBA’s examination procedures, the encryption of electronically transmitted and stored customer data is listed as a key area to manage and control an institution’s risk. For more information, visit:
http://www.fdic.gov/news/news/financial/2001/fil0168a.html
In 2006, the Federal Financial Institutions Examination Council (FFIEC)released a handbook on information security practices. Regarding encryption, it stated that financial institutions should use encryption to mitigate the use of disclosure or alteration of sensitive information in storage and transit. Encryption should include. For more information, visit:
- Encryption strength sufficient to protect the information from disclosure until such time as disclosure poses no material risk
- Effective key management practices
- Robust reliability
- Appropriate protection of the encrypted communication’s endpoints
For more information, visit: http://www.ffiec.gov/ffiecinfobase/booklets/information_security/information_security.pdf
We have partnered with Zixcorp to add to our security product portfolio to help our customers to adhere and protect their at risk information. Look at Zixcorp’s list of clients and we believe your too will want to be added as a client as well. Be sure to contact us for more information and scheduling a demo of their wonderful products. If you handle anyone’s personal data this is product for you.
Some of the industries that should be looking at this type of product:
| Financial & Government Institutions | Professionals | Medical |
| Banks and Savings and Loans | Law Firms | Doctors |
| Federal Credit Unions | Accountants | Clinics |
| Asset Management Firms | Insurance | Hospitals |
| Government Agencies |