
Regulatory Compliance

The compliance management process can be intelligently built into IT and information security systems on the basis of methods and recommendations that take account of all the requirements of local legislation as well as international and industry standards.
InfoWatch will conduct an expert assessment of the company's information security and determine the level of compliance with regulatory requirements.

Operators or other individuals with access to personal data must observe the requirement not to distribute such data without the agreement of the subject of that information, or other legal basis for distribution.

Information regarding transactions, accounts and deposits involving their clients and correspondents, as well as other information established by the credit organization.

Information that determines or could be used to determine the identity of an individual (the subject of personal data), including full name; year, month, date and place of birth; address; marital, social and property status; education; profession; income and other information.

Scientific and technical, technological, production, financial and economic or other information (including production secrets – know-how) that has active or potential commercial value as a result of the fact that it is not known to third parties, that is not freely accessible under the law, and that the owner has defined as a commercial secret.

InfoWatch solutions enable companies to comply with industry standards and legal requirements:

  • ISO 27001
  • Payment Card Industry Data Security Standard (PCI DSS)
  • US Public Law 104-191 (Health Insurance Portability and Accountability Act, HIPAA)
  • US Public Law 107-204 (Sarbanes–Oxley Act of 2002)

All of these standards to one degree or another oblige companies and organizations to adopt measures to safeguard the confidentiality of information and contain recommendations on the application of technical means to limit access to information designated a commercial secret.

The term 'confidentiality of information' is interpreted differently in different sources, but it always implies a need to prevent leaks (disclosure) of information.

Outcomes

Auditing an information system for compliance with regulatory requirements is very important – it is on this basis that a statement about the current level of compliance with existing legislation will be formulated and measures to eliminate discrepancies determined. As a result, it is possible to accurately assess the level of compliance of a company's information system with legal requirements and standards, to develop and implement effective proposals for bringing an information system into compliance, to minimize the risks associated with liability for non-fulfillment of requirements, and to identify existing threats and vulnerabilities, both clear and potential.

InfoWatch will conduct an expert assessment of the company's information security and determine the level of compliance with regulatory requirements, and also propose effective measures to protect the company's information assets.

Solutions are based on the following products:

A software solution (DLP system) designed to monitor information flows and protect confidential information from leaks and unauthorized distribution.

A software product providing information security for workstations, removable media and mobile devices, designed for quick deployment and ease of management.

A software product offering automated audit of source code in customized business applications to detect vulnerabilities and implants.