In the last two decades, data breaches became a real threat to the people and the Mexican authority understood it well. The Federal Law on the Protection of Personal Data held by Private Parties, also called “the law”, was approved by the Mexican congress and came into action on July 6, 2010. The new regulation applies to private individuals and legal entities who process data on the Mexican territory, and use mean located in Mexico to process personal information.
In 2018, India approved the Data Protection Bill which proposes a legal framework to protect the autonomy of individuals regarding their personal information, and to specify the rights of individuals whose personal data are being processed and stored. The new regulation will be added to the existing laws in order to strengthen India’s position regarding data protection.
The “Australia Privacy principle” was voted in 1988 and intends to protect the personal information of local residents. New regulations were added to it in 2017 in response to the numerous data breaches that took place in the region.
The legislation applies to private sector entities with an annual turnover of at least AU$3 million, and all Commonwealth Government and Australian Capital Territory Government agencies. Organizations from various sectors such as insurance, telecom, healthcare are all subject to the law and can face serious penalties if they do not respect it.
The Data Privacy Act was approved in 2012 and provides a framework for regulating the processing and storage of particularly personal and sensitive data in the Philippines.
Brazil had approved the new regulation about personal data protection which will come into action at the beginning of 2020. The Brazilian General Data Protection Law (LGPD) adds a new legal framework for the use of personal information both online and offline, in the private and public sectors.
The HIPAA act is regulation designed to protect the privacy and security of individuals’ health information while encouraging companies to adopt new technologies to improve the quality and efficiency of patient care. SecuPi developed a solution that helps companies discover and improve the way they handle their customers’ sensitive health-related data by defining rules and providing access on a need-to-know basis.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards that apply to any organization that accepts, process, stores and transmits credit card information.
Personal identifiable information is any types of information that when combined with other relevant data could help identify individuals in context. Due to the wealth of information provided by big data, there has been a significant rise in malicious activities, which has raised concerns over how companies handle the personal data of their customers. SecuPi created a platform that enables to maximize the protection of PII on high-risk application. Companies deploy SecuPi to protect their customers’ sensitive data by ensuring that data is accessed on a need-to-know basis while protecting from careless and malicious abuse.
The SOX act of 2002 is a U.S. federal law that established requirements for all U.S. management, public accounting firms and company boards. SOX was created with the intent of protecting the general public and the shareholders from accounting mistakes and malicious activities in enterprises and improve the accuracy of corporate announcements. SecuPi developed a technology enabling U.S. companies to easily meet the SOX requirements act and be compliant within a few days and with no development efforts.
The California Consumer Privacy Act (CCPA) is a legislation imposed on Californian companies in order to protect its consumer’s privacy. It regulates the way organizations collect and store consumer personal information. The CCPA goes into force on January 1, 2020 and will hold companies accountable for protecting their consumers’ data, focusing mainly on profiting from the sale of personal consumer information without their knowledge or consent.
SecuPi augments business applications with the capabilities for meeting GDPR requirements, including ‘Right to be forgotten’, ‘Data Minimization’, ‘Consent’ and ‘Records of Processing Activities’ without code changes and within days per application.