Compliance

In the list below you will find brief overviews of each of these compliance regulations, as well as links to pages with more detailed information.

Red Flags Rule- The Red Flags Rule was created by the Federal Trade Commission (FTC), along with other government agencies such as the National Credit Union Administration (NCUA), to help prevent identity theft.

More detailed information, as well as links and resources,  can be found on our Red Flags Rule page.

Family Educational Rights and Privacy Act - FERPA deals  with the privacy of education students records that are 1) directly related to a student and 2) maintained by an institution or a party acting on behalf of the institution. 

More detailed information, as well as links and resources,  can be found on our FERPA page.

Payment Card Industry- The PCI standard is designed to safeguard sensitive data for all card brands.

More detailed information, as well as links and resources,  can be found on our PCI page.

Gramm–Leach–Bliley Act AKA the Financial Services Modernization Act of 1999-The GLB Act includes privacy provisions to protect consumer information held by financial institutions. 

More detailed information, as well as links and resources,  can be found on our GLB Act page.

Health Insurance Portability and Accountability Act- HIPAA  establishes national standards for, and addresses, the security and privacy of individuals' health data. 

More detailed information, as well as links and resources,  can be found on our HIPAA page.

Privacy Act of 1974-The Privacy Act requires that agencies give the public notice of their systems of records by publication in the Federal Register.

More detailed information, as well as links and resources,  can be found on our Privacy Act page.

Alaska Personal Information Protection Act- APIPA provides several protections for personal information.

More detailed information, as well as links and resources,  can be found on our APIPA page.

General Data Protection Regulation-  The GDPR is an EU regulation that protects the “rights and freedoms” of living individuals and ensures that personal data is not processed without their knowledge, and, wherever possible, that it is processed with their consent.

 More detailed information, as well as links and resources,  can be found on our GDPR page.

Cybersecurity Maturity Model Certification Compliance-  CMMC safeguards Controlled Unclassified Information (CUI) across the Department of Defense (DoD) supply chain. This framework standardizes processes, practices, and approaches of DOD vendors and asseses their capabilities. 

More detailed information, as well as links and resources,  can be found on our CMMC page.