Sarbanes-Oxley Act
The Sarbanes-Oxley Act of 2002 (often shortened to SOX) is legislation enacted in response to the high-profile Enron and WorldCom financial scandals to protect shareholders and the general public from accounting errors and fraudulent practices in the enterprise. The act is administered by the Securities and Exchange Commission (SEC), which sets deadlines for compliance and publishes rules on requirements.
Sarbanes-Oxley is not a set of business practices and does not specify how a business should store records; rather, it defines which records are to be stored and for how long.
(HIPAA) Health Insurance Portability and Accountability Act
HIPAA is the United States Health Insurance Portability and Accountability Act of 1996. There are two sections to the Act. HIPAA Title I deals with protecting health insurance coverage for people who lose or change jobs. HIPAA Title II includes an administrative simplification section which deals with the standardization of healthcare-related information systems. In the information technology industries, this section is what most people mean when they refer to HIPAA. HIPAA establishes mandatory regulations that require extensive changes to the way that health providers conduct business.
(PCI) Payment Card Industry Data Security
Payment Card Industry (PCI) compliance is adherence to a set of specific security standards that were developed to protect card information during and after a financial transaction. PCI compliance is required by all card brands.
There is a lot more to data retention, security, privacy, and compliance than we are able to cover here. Be sure to do further research and seek expert help before diving deeper into this topic.
Okay, so now your backup plan is almost complete, but you are still missing a few things. You need policies, procedures, and plenty of documentation, and you need to put those policies in place.
