Regulatory Compliance

The term regulatory compliance refers to the adherence of an organization to the laws, specifications, regulations, and standards required for an industry. Companies in each industry face unique criteria specific to their industry, and must meet those conditions. Enforcement of standards varies by industry and situation, though penalties for failing to meet them can be severe.

Many regulatory standards exist to protect individuals’ and companies’ data. Examples of protected data include driver’s license numbers, social security numbers, account numbers, credit card numbers, medical records, claims submissions, and any other private information.

Federal Regulations

If you are doing business in the US, here are some of the most important regulations, described in relation to their impact on performance:

Gramm-Leach-Bliley Act (GLBA), 1999
GLBA is focused on protecting the privacy of consumer information held by financial institutions. It requires companies to provide consumers with privacy notices that explain the financial institutions’ information-sharing practices. Consumers have the right to limit some sharing of their information. User access to systems must be recorded and monitored for potential abuse of that data. This requires logging and access controls, which can impact performance.
Health Insurance Portability and Accountability Act (HIPAA), 1996
HIPAA includes a few key goals. The act requires the protection and confidential handling (encryption) ...

Get Compliance at Speed now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.