Depending on their location, companies that maintain consumer information need to comply with regulations such as GLBA (Gramm-Leach-Bliley Act), HIPAA (Health Insurance Portability and Accountability Act of 1996), SB 1386 (California Security Breach Information Act), EU Data Protection Directive, and PCI DSS (Payment Card Industry Data security Act). These regulations and mandates aim to ensure that companies are providing effective protection to consumer information in their databases. As a result, companies have developed internal controls and policies to ensure compliance with these regulations. Non-compliance can lead to significant fines and penalties and, in extreme cases, revocation of business license.
MetricStream Consumer Privacy Solution
The MetricStream solution enables organizations to continually audit their internal controls and processes to identify risks, validate compliance with regulations, and ensure that they are identifying and remedying gaps/deficiencies in a timely manner.
MetricStream uniquely combines software and content to deliver the solution for consumer privacy with embedded best practices templates, links to training content from an expert community, and integration of business processes with regulatory and industry alerts.