Regulatory Compliance
Email is one of the most common methods of communication. Companies rely on
email to send sensitive data to their business partners. Email is inherently
insecure; therefore, many regulations govern the sharing of sensitive data through email messages.
Regulations for Your Industry
Government regulations differ from industry to industry. The following are examples of major regulations
affecting the United States as well as the European Union.
Industry | Regulation | Description |
Health | HIPAA | Organizations must ensure that email messages containing personal information are encrypted and are transferred using methods that allow only the intended recipients to view them. |
Financial | Gramm-Leach-Bliley | Organizations must implement policies and technologies that ensure the security and confidentiality of customer records when transmitted and in storage. Compliance with GLBA also requires financial institutions to communicate to their customers how they share customers' sensitive data. |
Education | Family Educational Rights and Privacy Act | This law applies to all schools that receive funds under an applicable program of the US Department of Education. The act protects students' private information from getting into the wrong hands. End-to-end encryption plays a significant role in eliminating unauthorized access when sensitive data is transferred via email. |
Any Public Company | Sarbanes Oxley Act | This law was enacted in the United States in 2002 and requires every public company to establish internal controls to accurately gather, process and report financial information. Emails need to be encrypted to prevent unauthorized access. |
Any Company | GDPR | Article 25 of GDPR requires data protection for all business processes. |