Security Framework OverviewCompliance Regulations and Standards
Security and Compliance Overview
Today’s environment brings increasing regulation to our customers. While this may be viewed as tedious, we hope to deliver value as we provide compliant solutions.
Global Data Vault enables compliance with a variety of standards and regulations including those listed below. Our compliance is accomplished through physical controls, logical controls, and to a large degree through policy controls.
As you evaluate working with Global Data Vault, we’ll share more details about the actual controls in place. We can also review our controls compared to your needs outside the regulations and standards listed here.
|HIPAA||Health Insurance Portability and Accountability Act||US Federal Law||Regulation||Companies that keep any patient health information|
|PCI||Payment Card Industry||Companies that issue credit cards||Standard||Companies that store credit card numbers|
|NIST||National Institute of Standards and Technology||US Federal Government||Standard||US Federal Government entities and their vendors|
|DFARS||Defense Federal Acquisition Regulation Supplement||US DoD||Regulation||Companies serving the US DoD|
|GDPR||General Data Protection Regulation||European Union||Regulation||Companies that store data about any EU citizen|
|SOX||Sarbanes-Oxley||US Federal Law||Regulation||US companies with publicly traded securities|
|SSAE 16 SOC 1 / SOC 2||Statement on Standards for Attestation Engagements / Service Organization Controls||American Institute of Certified Public Accountants (AICPA)||Standard||Data center operational controls|