BUMI (Backup My Info!) can help your business with a variety of compliance issues.
Compliance Issue: Tape backups require manual intervention and thus are not compliant with regulations like HIPAA and Gramm-Leach-Bliley.
BUMI’s Solution: Our automated backup solution runs in the background and requires no manual intervention.
Compliance Issue: Backup solutions (such as tape backups) that are decentralized lead to difficulties in obtaining and providing records to auditors in a timely manner.
BUMI’s Solution: The BUMI software aggregates all backup data and allows for immediate recovery.
Compliance Issue: Transferring data offsite requires manual involvement and is not a secure process.
BUMI’s Solution: Backup data is automatically transferred over the internet and is secured using military-grade encryption technology.
Compliance Issue: Long-term storage and archiving of data.
BUMI’s Solution: Backup My Info!’s archiving solution stores archive data in the same encrypted format as our online backup.
HIPAA Compliance and Confidentiality of Patient Data
On August 21, 1996, President Clinton signed the Health Insurance Portability and Accountability Act, referred to as HIPAA. This law impacts all areas of the health care industry and was designed to improve the efficiency of health care by standardizing the exchange of administrative and financial data and to protect the privacy, confidentiality and security of private medical information.
Any health care provider, health care clearinghouse or health plan that electronically transmits or maintains health information pertaining to an individual must comply with HIPAA regulations.
Privacy and Security
A major focus of all medical organizations is the security and privacy of electronic health records and their transmission between health care entities. Organizations must ensure the confidentiality and integrity of their members' health records, and transmission of data must be authenticated and encrypted. Additionally, security policies and procedures must be documented and implemented.
BUMI is HIPAA Ready
HIPAA's Security Standards require health care providers to have a contingency plan to respond to any type of computer emergency. According to the latest rules published as of February 1, 2003, Backup My Info! complies with the following HIPAA requirements:
- User Authentication
- Role-based access
- Encryption of data (AES 256 encryption)
- Offsite data storage outside of the organization
- Secure storage facilities
- Transmission Reports
Can you guarantee security for your investors if their financial data is unprotected? Technological advancements have improved the way that financial service companies do business, improving transaction speed and efficiency. With these advancements comes more financial data than ever, and an even greater need to protect it from things like human error, theft, and disasters.
New rules like Sarbanes-Oxley, Gramm-Leach-Bliley and others, all developed to regulate the handling of financial data, have made it challenging for businesses to ensure they are protecting their data properly. BUMI is very familiar with these rules and has been taking care of customers for many years by doing the following:
- Storing data encrypted using 256-bit AES encryption at all times at highly secure offsite data center locations (SAS70 Type II)
- Performing disk-to-disk backup and retrieval of data
- Creating an audit trail of all backups and restores
- Restricting login privileges to administrative credentials only
The Financial Modernization Act of 1999, also known as the "Gramm-Leach-Bliley Act" or GLB Act, includes provisions to protect consumers’ personal financial information held by financial institutions. There are three principal parts to the privacy requirements: the Financial Privacy Rule, Safeguards Rule and pretexting provisions.
The GLB Act gives authority to eight federal agencies and the states to administer and enforce the Financial Privacy Rule and the Safeguards Rule. These two regulations apply to "financial institutions," which include not only banks, securities firms, and insurance companies, but also companies providing many other types of financial products and services to consumers. Among these services are lending, brokering or servicing any type of consumer loan, transferring or safeguarding money, preparing individual tax returns, providing financial advice or credit counseling, providing residential real estate settlement services, collecting consumer debts and an array of other activities.
Created in response to scandals such as WorldCom and Enron, the Sarbanes-Oxley (SOX) Act of 2002 legislates how -- and how long -- companies can store their financial records. SOX safeguards against illegal financial activities by specifically stating that electronic records and messages, including email and instant messages, must be saved for at least five years and must be easily obtained if need be.
BUMI’s online backup solution addresses SOX rules by keeping critical data secure, yet quickly accessible. The data is transmitted and stored in encrypted format, and remains on our servers where it is protected from unauthorized access or destruction.