Compliance

If you store any of the following types of information on your computer systems, you may be required to have a defined security policy, implement increased computer and network security protocols and maintain documentation.

Personal Health Information (PHI)

PHI generally refers to an individual’s demographic information, medical history, test and laboratory results, insurance information and other data a healthcare professional collects during the course of providing medical services.

Personally Identifiable Information (PII)

PII (also known as Sensitive Personal Information (SPI)), as used in US privacy law and information security, is information that can be used on its own – or in combination with other information – to identify, contact or locate a single person or to identify an individual in context.

Health Insurance Portability and Accountability Act (HIPAA)

HIPAA is the United States legislation that provides data privacy and security provisions for safeguarding a person’s medical information.

Federal Tax Information (FTI)

FTI is any return or return information received from the IRS or a secondary source, such as SSA, Federal Office of Child Support Enforcement or Bureau of Fiscal Service. FTI includes any information created by the recipient that is derived from a return or return information.

Payment Card Industry (PCI)

PCI compliance means adhering to a set of specific security standards that were developed to protect card information during and after a financial transaction. PCI compliance is required by all card brands.

Compu-Net Systems can review, write or implement your security policy. Knowing the compliance standards for your business or industry is the first step to being compliant. However, always consult your attorney, your peers or even your customers to determine your specific compliance guidelines and requirements.