
Regulatory Compliance

  • EMEA
    • EU Data Protection Directive
    • EuroSOX
  • UK
    • GSi Code of Connection
  • North America
    • FTC Red Flag Rule
    • HIPAA
    • HIPAA HITECH
    • Sarbanes-Oxley Act
  • World Wide
    • Basel II
    • Basel III
    • PCI/DSS
    • Professional Code of Conduct

Please choose below to read more about regulatory compliance in your region.

Basel II

The International Convergence of Capital Measurement and Capital Standards document, known as Basel II, aims to build on a solid foundation of prudent capital regulation, supervision, and market discipline, and to enhance further risk management and financial stability.
The three pillars of Basel II are:

- Minimum capital requirements
- Supervisory review process
- Market discipline

Basel III

Basel III is part of the Basel Committee's continuous effort to enhance the banking regulatory framework. It builds on the International Convergence of Capital Measurement and Capital Standards document (Basel II).
The measures aim to:
- Improve the banking sector's ability to absorb shocks arising from financial and economic stress, whatever the source
- Improve risk management and governance
- Strengthen banks' transparency and disclosures.

National implementation by member countries will begin on January 1st, 2013. Member countries must translate the rules into national laws and regulations before this date. The requirements will be phased in during a transition period of five years.

EU Data Protection Directive

The EU Data Protection Directive (Directive 95/46/EC) requires all member countries of the EU to adopt local laws that implement its terms for data protection and privacy standards. It states that "Everyone has the right to respect for his private and family life, his home and his correspondence." The regulation applies to any operation using personal data, including the collection and storage of data. The directive requires organizations to handle all personal data in a manner that is secure and appropriate.

EuroSOX

The 8th EU Company Law Directive (84/253/EEC), commonly referred to as EuroSOX, is designed to strengthen standards and public accountability within the audit profession. The directive calls for robust systems for information security management and IT governance.

EuroSOX is incorporated into local national company laws. In Germany the directive is adopted in the law called "Bilanzrechtsmodernisierungsgesetz" (BilMoG), in the UK with the "Combined Code" and in France with the "Loi sur la Sécurité Financière" (LSF).

FTC Red Flag Rule

The Red Flags Rule, introduced by the Federal Trade Commission, requires many businesses and organizations (financial institutions and creditors) to implement a written Identity Theft Prevention Program to detect the warning signs of identity theft in their day-to-day operations.

The Identity Theft Prevention Program must include reasonable policies and procedures for detecting, preventing and mitigating identity theft. The program must:
1. Identify relevant patterns, practices, and specific forms of activity — the "red flags" — that signal possible identity theft;
2. Incorporate business practices to detect red flags;
3. Detail your appropriate response to any red flags you detect to prevent and mitigate identity theft; and
4. Be updated periodically to reflect changes in risks from identity theft.

GSi Code of Connection

The GCSX Code of Connection (CoCo) is a list of security controls with which all Local Authorities must be compliant before their Government Connect Secure eXtranet (GCSX) circuit can be activated.

GCSX is a secure electronic communications channel to share restricted and personal sensitive information between local authorities, central government and the wider public sector. It has become the preferred method of data exchange by UK government departments.

HIPAA

Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), covered entities (e.g. health care providers, insurance companies and government departments) must comply with requirements to protect the privacy and security of health information and must provide individuals with certain rights with respect to their health information.

The HIPAA Privacy Rule protects the privacy of individually identifiable protected health information (PHI). The Security Rule protects a subset of this information that a covered entity creates, receives, maintains or transmits in electronic form (e-PHI).

HIPAA HITECH

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) significantly increased the penalty amounts for violations of the HIPAA rules and expanded the reach of HIPAA data privacy and security requirements to include business associates of covered entities. Service providers, such as accountants and law firms, are subject to the same HIPAA rules and penalties as the organizations for which they work.

- Increased potential legal liability for non-compliance with HIPAA rules.
- Business associates became directly subject to HIPAA security and privacy requirements, as well as the same civil and criminal penalties as HIPAA-covered entities for violations.
- Mandated breach notification requirements on covered entities, business associates and vendors of personal health records.

PCI/DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements developed to reduce credit card fraud and increase data security. This industry standard affects every organization that deals with card payment transactions.

The PCI DSS requires organizations to:
- Build and Maintain a Secure Network
- Protect Cardholder Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy

Professional Code of Conduct

Many organizations belong to industry associations that require adherence to some sort of code of conduct. The Code of Conduct is a set of rules that establishes core values, ethics and acceptable standards of behavior for individuals within a given organization or profession.

Sarbanes-Oxley Act

The Sarbanes-Oxley Act (SOX) aims to protect shareholders and the public from the consequences of financial malpractice and accounting fraud. The act is administered by the Securities and Exchange Commission (SEC).

Any organization undertaking business with US companies may be subject to SOX requirements.