ExchangeDefender Regulatory Compliance
ExchangeDefender is in full compliance with all major U.S. regulations, and is 100% accredited as a trustworthy service provider of advanced email solutions for business.
ExchangeDefender’s Compliance with U.S. and International Regulations
New federal and international regulations bring a wave of new requirements and processes, both technical and organizational, that will safeguard personal information and by proxy protect all information technology.
New organizational and technical measures have been put in place to assure your data privacy and control. Specifically:
HIPAA (Health Insurance Portability and Accountability Act of 1996) provides detailed instructions for handling and protecting a patient’s personal health information.
Which industries must follow HIPAA?
The following entities must follow The Health Insurance Portability and Accountability Act (HIPAA) regulations. The law refers to these as “covered entities”:
- Health plans
- Most health care providers, including doctors, clinics, hospitals, nursing homes, and pharmacies
- Health care clearinghouses
ExchangeDefender technologies service thousands of healthcare organizations to assist them in complying with the latest HIPAA regulations when it comes to their email.
Top email compliance solutions for Healthcare Industries:
ExchangeDefender (Own Web Now Corp) is pleased to announce full compliance with the General Data Protection Regulation (GDPR), which went into effect May 25, 2018. GDPR is a regulation in European Union law that aims to improve data protection and privacy. As a global company, and as one whose primary mission is email security, we see many of the requirements in this new law not just as necessary but also as long overdue.
ExchangeDefender helps organizations comply with GDPR by automating detection of sensitive private information, EU client data, consent tracking and powerful audit & policy wizards that alert you to potential issues.
Which industries are affected by GDPR?
Most are. The GDPR applies wherever you are processing ‘personal data’. This means if you can identify an individual either directly or indirectly, the GDPR will apply.
Top ExchangeDefender Solutions to comply with GDPR:
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that process credit cards. The standard was created to increase controls around cardholder data to prevent credit card fraud.
Which organizations need to comply?
PCI DSS compliance is required by credit card companies to make online transactions secure and protect them against identity theft. Any merchant that wants to process, store or transmit credit card data is required to be PCI compliant, according to the PCI Compliance Security Standard Council.
Top ExchangeDefender Solutions to Comply with PCI DSS:
The California Consumer Privacy Act (CCPA) offers consumers the right to opt out of the sale of their personal information, the right to access their personal information, and the right to delete their personal information.
5 Key Requirements for the California Consumer Privacy Act
- Data inventory and mapping of in-scope personal data and instances of “selling” data
- New individual rights to data access and erasure
- New individual right to opt out of data selling
- Updating service-level agreements with third-party data processors
- Remediation of information security gaps and system vulnerabilities
ExchangeDefender helps organizations within the United States comply with the new CCPA bill by controlling data access and enabling service-level agreements. We ensure that all email security measures have been taken to be in compliance with the CCPA.