It’s likely that your organization has requirements to comply with one or more data privacy rules, laws, or regulations established at the federal, state, or local government level. Engaging Maxxum’s expertise will help you navigate the complex regulatory landscape of data privacy and information security requirements. Here’s a partial list of rules and regulations we encounter in supporting our clients.
Red Flags Rule
The Federal Trade Commission and the National Credit Union Administration created the Red Flags Rule. The goal of policies and procedures established under this rule is to detect and prevent identity theft. The Red Flags Rule is composed of categories: notification of threats or a breach; detection of suspicious documents and unusual activity; and identification of falsified information. Financial organizations are required to implement these categories in a manner that fits the needs of their organizations and clients.
Payment Card Industry Data Security Standard
The Payment Card Industry (PCI) Security Council established security standards and supporting documents to reduce payment card theft. The supporting documents contain specifics, tools, and resources to help organizations safely handle their consumers’ payment card information. Financial organizations and all merchants that accept credit cards are encouraged to comply with PCI standards. Individual payment brands like Visa and MasterCard enforce compliance, while the Security Council provides documentation and training to prevent, detect, and react to security threats.
In 2003, the Fair and Accurate Credit Transactions Act (FACTA) was instituted. FACTA allows businesses to request a free copy of their employees’ credit report prior to hire, verifying their potential employees’ identity. FACTA also enforces the correct disposal of the credit report. Besides setting up fraud alerts on credit reports, FACTA prohibits organizations from printing more than five digits of credit card numbers on receipts or other documentation. When reviewing credit reports for fraud detection, an auditor should be alert for any red flags. A few red flags that may indicate identity theft are suspicious or unlisted Social Security numbers, invalid mail addresses, or multiple account closures.
Sarbanes-Oxley Act of 2002
After financial scandals in the 1990s, lawmakers implemented the Sarbanes-Oxley Act (SOX) in 2002. SOX standardized the way organizations should accurately certify their financial reports. It demands that organizations manage their internal controls around finance and reporting, and it increased accountability for organizational governance. Organizations reporting financial results are required to engage an outside firm for an annual audit. The penalties for fraudulent financial activity are severe.
We're current with all compliance regulations that affect your computers, electronics and all technology assets. From environmental concerns to data privacy and reporting, we take on the burden of ensuring best practices.
New equipment deployment ties up valuable resources. Let Maxxum take it off your hands. We can save time, cost, and innumerable headaches.
Maxxum is your partner in risk mitigation. We're with you through the entire lifecycle of your computers, electronics and all technology, providing valuable support and guidance during acquisition, disposal, and during any custody change.
Let us help you create value with responsibly, productively managed e-waste. We offer comprehensive services for the entire lifecycle, from capital planning to end-of-life disposal.