New government mandates dictate that information in every form be more secure. With so many regulatory and compliance measures to respond to, Toshiba has looked to the federal government requirements, among others, as guidelines. While not all organizations are held to these regulations, Toshiba MFP security features address the security requirements of the following entities:
HIPAA – The Health Insurance Portability and Accountability Act. Toshiba security solutions offer advanced features that address the privacy and security of protected patient information, including secure device access, private printing capabilities, an audit trail, and features that allow only authorized users to receive confidential data or documents.
GLB Act – The Gramm-Leach-Bliley Act. The Financial Privacy Rule and the Safeguards Rule pertain to the disclosure of private financial information, and require all financial institutions to design and maintain systems to support the protection of customer information. Toshiba products support this directive.
FERPA – The Family Education Rights and Privacy Act requires a heightened level of security for educational institutions complying with the U.S. Department of Education. Password-restricted printing, controlled device access, and data encryption and/or deletion ensure that sensitive information is protected on Toshiba multifunction devices.
SOX – The Sarbanes-Oxley Act. Corporate governance regulations are enforced on Toshiba MFP devices through data security safeguards focused on restricting access to information, tracking data, and protecting data integrity.
CCEVS – The Common Criteria Evaluation and Validation Scheme program recognizes and validates security solutions based upon an internationally accepted methodology. Toshiba products comply with the Common Criteria Evaluated Assurance Level, and conform to ISO/IEC15408 (Information Technology Security Evaluation Criteria).
DoD – The Department of Defense manual outlines rigid policies and standards in the interest of protecting the security of the United States. Toshiba’s Disk Overwrite solution clears and sanitizes hard disk drives that may contain classified information.
eDiscovery – New Federal Rules of Civil Procedure for eDiscovery which went into effect December 1, 2006—govern when and how information is collected, preserved, and produced in connection with legal discoveries for every case pending in any U.S. Federal Court. In summary, rules do not require companies to keep all content forever, though they do affect the following areas:
- ESI or “electronically stored information” is now definitively subject to legal discovery.
- Transparency. Companies are now required to make their IT departments available to lawyers.
- Preservation. Whenever a company is placed on notice of a new case, the company must identify the information that is potentially relevant to that case-and preserve it for subsequent production to the other side in the case.