Policy & Compliance Management Solutions help organizations close the gap between corporate security policies and the people who must practice and comply with these policies. RBTi has chosen to carry several unique and effective solutions to create and maintain policies, educate people and enforce policy compliance across an entire organization.
RBTi provides services and solutions through partnerships that help you address regulatory compliance related to electronic recordkeeping and IT controls. To learn more about these solutions, contact an RBTi representative today.
| Regulation | What Is It? | Who Needs To Comply? |
| --- | --- | --- |
| SOX | Sarbanes-Oxley (SOX), Section 404 requires IT controls and governance over financial reporting systems. | Publicly traded companies |
| HIPAA | The Healthcare Insurance Portability and Accountability Act (HIPAA) requires organizations to protect the confidentiality of patient data. | Healthcare providers; Health insurance companies; Medicare/Medicaid agencies; HR departments |
| FDA 21 CFR Part 11 | Reinforces FDA regulations on electronic record keeping, electronic signatures, and systems that communicate with the FDA. | Pharmaceutical companies; Medical device manufacturers |
| GLBA | The Gramm-Leach-Bliley Act (GLBA) requires financial institutions to protect the confidentiality and integrity of customer records. | Financial services companies; Insurance companies; Banks; Brokerage firms |
| CA Notice of Breach | CA Notice of Breach (formerly California Senate Bill 1386) requires notification of anyone whose personal information is in a database that suffered a security breach. | Companies of any size with data about California residents |
| CALEA | The Communications Assistance for Law Enforcement Act (CALEA) requires telecommunications service providers to enable electronic surveillance by law enforcement agencies. | Telecommunications service providers |
| NERC Cyber Security Standards | North American Electric Reliability Council (NERC) has set security standards to safeguard critical cyber assets. | Utilities and electrical energy companies |
Security Policy and Program Services
Most security problems aren’t just technical, they’re organizational. Good policies and practices aligned to corporate goals and a thoroughly trained staff can help reduce risk as effectively as the most up-to-date technology. RBTi has partnered with Verisign Consulting services, which offer a complete Security Policy Program staffed by CISSP and veteran consultants who will fit a policy program to your organization.
| Build Security into Your Company's Culture | |
| --- | --- |
| The Purpose | Develop policies and standards to promote security. Plan a strategy that helps you evolve. Improve business processes to align security with your corporate goals. Train your staff in sound security practice. |
| Value to You | Streamlined processes that provide higher efficiency - and security at a lower cost. Tailored policies that don't overburden your organization. A complete solution that closes the gap opened by risky practices and untrained personnel. At the high end, security program management and interim strategic outsourcing. |
| How We Work | Learn your goals and constraints. Evaluate your current policies and practices. Assess your need for a security program. Analyze your business processes. Train your staff. Help you manage your program. |
| The Results | An effective and efficient security program. Practical responses to security and privacy problems. Tailored communications. |
RBTi and Verisign can help you make sure that your security policies and standards - and the people they’re intended to guide - are as sound as your technology.
Policies and Standards
As part of any project, we carefully assess the gaps in your policies and standards - not just in your systems. We’ve discovered that almost all the problems we uncover aren’t just technical problems, they’re organizational problems. If you lack a security policy or a standard where you need one, we’ll help you develop it. If your policies and standards aren’t serving you well, we’ll identify why and help you improve them.
Strategic Planning
Policies and standards that serve you well today might not be adequate in the future. The marketplace changes. New regulations come into effect. Threats evolve. We help you develop a strategic planning process so that you can evolve as circumstances change.
Business Process
Security isn’t just about security, it’s about your business. We look at your organization as a whole to determine the impact a security or compliance failure might have on your operations, your reputation, and your business objectives. We help you assess and develop policies and standards - and a strategy - that both strengthen your security and advance your business goals.
Training and Awareness
Policies and practices are effective only if your staff understands them and knows how they’re expected to comply. We make sure your company’s personnel - from the security experts to the management and rank-and-file employees - get the training needed to maximize the effectiveness of your policies and procedures.