Compliance

Gramm-Leach-Bliley Act (GLBA)

Congress passed the Gramm-Leach-Bliley Act dates to 1999 allowing commercial banks to offer investment and insurance services including provisions to protect the privacy of consumer information collected by companies in the financial sector, including any other organization “significantly involved in financial activities.” GLBA Section 501 of Subtitle A requires companies to ensure the data security and confidentiality of customer records and information, protect against any anticipated threats or hazards to the security and integrity of such records. RedShift Networks helps enterprises protect against unauthorized access to or use of GLBA-compliance records or information that could result in substantial harm or inconvenience to any customer.

Health Insurance Portability and Accountability Act (HIPAA)

HIPAA passed in 1996 including the highly relevant Privacy Rule later in 2003. It applies to organizations managing medical records or other personal health information. All personal medical information stored or transmitted electronically by hospitals, doctors’ offices, nursing homes, HMOs, insurance companies, social service agencies. RedShift Networks customers gain HIPAA compliance auditing and proactive threat protection including  SIP-based voicemail systems in healthcare industries often contain confidential patient information and need protection.

General Data Protection Regulation (GDPR)

GDPR compliance with UC and VoIP mandates that service providers maintain detailed records of all data processing activities. RedShift Networks platform automates this record keeping through implement technological and organizational measures that ensure and demonstrate real-time data analytics symmetrical recording with GDPR.

Payment Card Industry Data Security Standard (PCI DSS)

PCI DSS offers enterprises and their cloud UC providers a measurable set of security standards ensuring the secure acceptance, processing, storage, or transmission of credit card information. In PCI DSS Requirement 1.3.3, the need for RedShift Networks solution is clear to implement anti-counterfeiting measures to detect and prevent fraudulent source IP addresses from entering the network. UC and VoIP need RedShift Networks PCI DSS compliance strengths as fraudulent SIP bots target VoIP/UC networks continuously and VoIP transmits enterprise-sensitive authentication (SAD) or cardholder data (CHD) using VoIP data or audio/voice recordings packets.