Following are a few of the key regulations covering data security, storage and
privacy. Some of these regulations run into the hundreds of pages, so they do
contain considerably more information than is covered here.
EU Data Protection Directive (DPD)
Applies to companies with offices in the European Union or which exchange
personal data with companies in the EU. Data can relate to customers or
employees. Companies have the option of submitting a privacy compliance plan
with each country's Data Protection Authority, or can establish privacy policies
in compliance with the DPD and certify with the U.S. Department of Commerce that
they are in compliance. The plan must cover who can access information, data
security and enforcement procedures.
Food and Drug Administration 21 CFR Part 11 - Electronic Records; Electronic Signatures
Covers pharmaceutical and life sciences firms operating under the auspices of
the FDA. Affected companies must "employ procedures and controls designed to
ensure the authenticity, integrity, and, when appropriate, the confidentiality
of electronic records, and to ensure that the signer cannot readily repudiate
the signed record as not genuine." Records must be retained for two to five
years.
Gramm-Leach-Bliley Act
Applies to banks, securities firms, insurance companies, loan brokers, tax
preparers, financial advisers and other providers of financial products or
services. Requires companies to have a written security plan to protect the
confidentiality and integrity of personal consumer information. The plan must
include employee management and training, security of information systems
(hardware, software and data transmission) and steps to take to manage system
failures.
HIPAA
Health Insurance Portability and Accountability Act of 1996. Applies to all
health care providers, pharmacists, and insurance companies. Governs procedures
for sharing of patient information. Hospitals must retain records for a minimum
of five years. If the patient is a minor, records must be kept until the patient
is at least 21.
IRS Revenue Procedure 97-22
Applies to any taxpayer. Details system requirements for electronic storage and
indexing of tax and financial records. The District Director may visit the
taxpayer and conduct a test of the system.
OSHA Occupational Injury and Illness Reporting Requirements
Section 1904.9 provides that records of illness and injury be retained for five
years. (Note: the American Industrial Hygiene Association had recommended 30 years.)
Sarbanes-Oxley
Applies to all publicly traded companies in the U.S. Documents have to be
submitted by chairmen and CFOs, attesting to the accuracy and soundness of their
financial reports. Those executives bear personal liability, including criminal
penalties: they have to certify that everything is taking place in accordance
with the standards of proper reporting and accounting. Requires documentation of
all procedures used to derive financial numbers. Original correspondence from
financial audits must be retained for four years after completion of the audit.
Securities Exchange Act of 1934, 17 CFR 240.17a-4
Applies to brokers, dealers and members of the stock exchange. All
business-related and internet communications sent and received must be retained
for at least three to six years. Trading account records must be held for six
years beyond the end of the account. Data must be maintained and preserved in a
manner that verifies the authenticity of the data. Records must be preserved
exclusively in a non-rewritable, non-erasable format, and a duplicate copy of
the records must be stored separately.