What are your regulatory compliance requirements for email security?

The federal government has become increasingly involved in regulating information security across a variety of industries. If you provide any services in a regulated industry, you could be responsible for meeting security requirements, including email security. Healthcare is governed by the HIPAA security rules. Educational institutions are governed by FERPA. Institutions that conduct financial transactions could fall under one or more sets of requirements, including PCI if you accept credit card data.

About the author
 Russ Rogers is an information security expert and author of Nessus Network Auditing, 2nd Edition. Russ is currently a penetration tester for the federal government. Listen to Russ's supplemental podcast on email security.

You need to understand what your responsibilities are regarding protections such as email security, so that appropriate steps can be taken to ensure those protections exist. No one wants expensive fines from government agencies, but the costs of lawsuits, bad press or loss of client confidence could potentially be the final nail in the coffin for your business.

This was first published in April 2008
