Robo-FTP has all the features you need to achieve regulatory compliance, including PCI, HIPAA, SOX, and GDPR. Robo-FTP provides end-to-end encryption for data at rest and in motion. Robo-FTP also provides all the accountability features needed to comply with transparency and data retention policies. Automate processes with a detailed audit trail to ensure data is maintained/deleted as required.
The Health Insurance Portability and Accountability Act (HIPAA), signed into law in 1996, sets security and data privacy requirements to keep patients’ medical information safe. The act contains five titles, or sections; the second deals specifically with technical requirements.
Section II directs the United States Department of Health and Human Services to standardize the processing of electronic healthcare transactions nationwide. It requires organizations to implement safe electronic access to patients’ health data.
Robo-FTP provides the features you need to achieve HIPAA compliance in several key areas.
- Access Controls: Implement technical policies and procedures for electronic information systems that maintain EPHI to allow access only to those persons or software programs that have been granted access rights.
- Integrity: Implement policies and procedures to protect EPHI from improper alteration or destruction.
- Transmission Security: Implement technical security measures to guard against unauthorized access to EPHI that is being transmitted over an electronic communications network.
The General Data Protection Regulation (GDPR), a new European privacy law, takes effect in May 2018. The GDPR imposes new rules on companies, government agencies, non-profits, and other organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents. The GDPR applies even if your company or organization is not located in the EU.
The Robo-FTP suite of managed file transfer (MFT) products will enable you to meet several key GDPR principles:
- Secure personal data at rest and in motion through encryption (PGP, AES, TLS, SSL, SSH)
- Ensure data integrity
- Enable you to demonstrate GDPR compliance with detailed audit trails and reporting of every file transfer
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements for all companies that accept credit card payments.
Robo-FTP and Robo-FTP Server enable companies to meet the key security requirements of PCI DSS:
- Build and Maintain a Secure Network and Systems
- Protect cardholder data
- Maintain a vulnerability management program
- Implement strong access control measures
- Regularly monitor and test networks
In 2002, the United States Congress passed the Sarbanes-Oxley Act (SOX) to protect shareholders and the general public from accounting errors and fraudulent practices in enterprises, and to improve the accuracy of corporate disclosures.
Robo-FTP helps large and small companies achieve SOX compliance in the following key areas:
- Access: Access refers to both the physical and electronic controls that prevent unauthorized users from viewing sensitive information.
- Security: This means making sure appropriate controls are in place to prevent breaches and having tools to remediate incidents as they occur.
- Backup procedures: Backup systems should be in place to protect your sensitive data.