The Regulatory Acts

There are dozens of regulations relevant to document management. Below we have assembled a list of those pertinent to document management and have provided links to websites that will provide detailed information:

---

Family Educational Rights and Privacy Act (FERPA)

PURPOSE: To ensure student privacy
FERPA protects the privacy of student education records and applies to all schools that receive funds under an applicable program of the U.S. Department of Education. More Information

---

Gramm-Leach-Bliley Act (GLB)

PURPOSE: To ensure financial privacy
GLB requires banking and financial institutions across the United States to describe how they will protect the confidentiality and security of consumer information and how they will track and honor consumers' opt-out requests. More Information

---

Health Insurance Portability and Accountability Act (HIPAA)

PURPOSE: To ensure medical information privacy
HIPAA requires standardization of transactions between healthcare providers and payers. It also requires organizations to protect the security and confidentiality of electronic information being shared. More Information

---

Prompt Payment Act (PPA)

PURPOSE: To ensure vendor protection
PPA ensures that federal agencies pay vendors in a timely manner and assesses late interest penalties against agencies that pay vendors after a payment due date. More Information

---

Sarbanes-Oxley Act

PURPOSE: To ensure investor protection
Sarbanes-Oxley mandates reforms requiring corporate responsibility and proof of financial controls over a company’s information, records and financial reporting. Basic provisions include signed verification of the completeness and accuracy of financial reports, effective internal controls over reporting and information, and "rapid and current" reproduction of information illustrative of material changes in financial condition.
More Information

---

SEC Rule 17a-4

PURPOSE: To ensure investor protection
SEC 17a-4 applies to e-mail management within broker-dealer organizations. More Information

---

Section 508 of the Rehabilitation Act

PURPOSE: To ensure disabled person protection
Section 508 requires agencies to give disabled employees and members of the public access to information that is comparable to the access available to others. More Information

---

USA Patriot Act

PURPOSE: To preserve life and liberty (national security)
Among other directives, the USA Patriot Act mandates facilitated information sharing and cooperation among government agencies so that they better prevent future terrorist attacks.
More Information

---

CAN-SPAM Act

PURPOSE: A Compliance Guide for Business

Do you use email in your business? The CAN-SPAM Act, a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have you stop emailing them, and spells out tough penalties for violations.
More Information