Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
compliance [2018_06_15 23:28] – steven | compliance [2020_10_30 15:05] – [Auditing & Family Education Rights & Privacy Act (FERPA)] jim | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Compliance ====== | + | ====== Compliance |
===== GDPR ===== | ===== GDPR ===== | ||
Line 32: | Line 32: | ||
Storage Made Easy acts a data controller for the personal data of individuals that we market to directly, engage in business with, and support. For more information on how we collect and process personal data for these individuals see our [Privacy Policy](https:// | Storage Made Easy acts a data controller for the personal data of individuals that we market to directly, engage in business with, and support. For more information on how we collect and process personal data for these individuals see our [Privacy Policy](https:// | ||
+ | |||
+ | ==== CCPA ==== | ||
+ | |||
+ | [[http:// | ||
+ | |||
+ | Companies are required to comply with the CCPA if they comply with any of the following: | ||
+ | |||
+ | |||
+ | (i) They have gross revenues over $25M | ||
+ | |||
+ | (ii) They are a for-profit company that does business in California and collect the information of more than 50,000 consumers, devices or households. | ||
+ | |||
+ | (iii) 50% of their income is derived from selling personal information. | ||
+ | |||
+ | Unlike the GDPR the CCPA doesn’t require companies to go through steps such as data collection consent, having a valid reason to collect user information, | ||
+ | |||
+ | The File Fabric provides functionality that helps in satisfying CCPA requirements such as providing a mechanism to understand ‘who’ is accessing data, ‘when’, and ‘how’ through a combination of the File Fabric' | ||
+ | |||
+ | Additionally when connected to the File Fabric data content is indexed so that it can be checked for PII / PHI which can then be flagged and quarantined until it can be dealt with. | ||
+ | |||
+ | |||
+ | |||
===== Encryption (FIPS) ===== | ===== Encryption (FIPS) ===== | ||
Line 41: | Line 63: | ||
===== Government ===== | ===== Government ===== | ||
- | The Enterprise File Fabric had been approved by the UK Government for purchase by public-sector bodies through the Gov.uk [Digital Marketplace](https:// | + | The Enterprise File Fabric had been approved by the UK Government for purchase by public-sector bodies through the Gov.uk [Digital Marketplace](https:// |
[UKCloud](https:// | [UKCloud](https:// | ||
Line 78: | Line 100: | ||
This information is not intended to constitute legal advice. You are advised to seek the advice of counsel regarding compliance with HIPAA or refer to the HIPAA section of the U.S. Department of Health and Human Services' | This information is not intended to constitute legal advice. You are advised to seek the advice of counsel regarding compliance with HIPAA or refer to the HIPAA section of the U.S. Department of Health and Human Services' | ||
+ | [[https:// | ||
+ | |||
+ | ===== Auditing & Family Education Rights & Privacy Act (FERPA) ===== | ||
+ | |||
+ | FERPA is the federal privacy law for educational institutions and has regulatory compliance requirements for student educational records. | ||
+ | |||
+ | The File Fabric' | ||
+ | |||
+ | Note that FERPA compliance regulations specifically prohibit educational institutions from disclosing " | ||
+ | |||
+ | ### Also See | ||
+ | [[useraccesspolicies|User Access Policies]] \\ | ||
+ | [[security|Security Framework]] |