Email Compliance Laws – Overview
The Securities Exchange Commission (SEC) and National Association of Securities Dealers (NASD) have enacted regulations governing how their member firms must archive, index, store and retrieve their electronic communications including email (SEC 17a-4 and NASD 3010). More Information SEC 17a-4 and NASD 3010 Compliance
The U.S. Securities and Exchange Commission (SEC) has recently imposed new regulations on private investment pools, also known as hedge funds. The regulation went into effect on Feb. 1, 2006. The ruling requires that most hedge fund advisers register with the SEC under the Investment Advisers Act of 1940, which includes provisions for securing, managing and archiving all electronic communication, including email and instant messages. More Information on Hedge Fund Compliance
The Sarbanes-Oxley (SOX) Act of 2002 was passed by the U.S. Congress, in response to major corporate and accounting scandals including Tyco, WorldCom and Enron. It establishes strict policies governing the retention and maintenance of records and supporting correspondence by publicly-traded companies. It is expected that some version of SOX will be extended to non-profits in the near future. More Information on Sarbanes-Oxley Compliance
The Health Insurance Portability and Accountability Act (HIPAA), was passed by the U.S. Congress in 1996. It encourages the widespread adoption of electronic transmission of patient health data and mandates the use of security measures like encryption to protect electronic health information from unauthorized access while being transmitted over electronic networks. More Information on HIPAA Compliance
21 CFR Part 11 was enacted by The Food and Drug Administration (FDA) in 1997 in an effort to insure that electronic media provide the same level of data integrity as the paper-based storage and retrieval systems they are increasingly replacing. It defines strict rules for the use of electronic signatures and electronic records. More Information on Pharma Compliance
The Gramm-Leach Bliley Act (GLBA), signed in 1999 and fully effective in 2001, regulates how financial services firms protect customers’ personal financial information. The FDIC Advisory on the Information Technology Risk Management Program requires encryption of electronic customer information while in transit or in storage. The OCC Advisory on Electronic Record Keeping stipulates that banks should implement an electronic retention system ensuring security for and compliance.More Information on Banking Compliance
To Learn More about Athena Archiver and compliance visit the Regulatory Compliance Section of this site.