Home Contact Sitemap


Managed Information Security Services


Compliance and Regulatory Solutions

Black Swan Technologies' breadth of services enables us to provide you with just the right solution to meet the requirements of your particular security challenge. We can help you meet and exceed your security objectives in a cost effective and timely manner.

Gramm-Leach-Bliley Act (GLBA)

The Gramm Leach Bliley Act (GLBA) is acomprehensive, federal law affecting financial institutions. The law requires financial institutions to develop, implement, and maintain administrative, technical, and physical safeguards to protect thesecurity, integrity, and confidentiality of customer information. The GLBA is composed of several parts, including the Privacy Rule (16 CFR 313) and the Safeguards Rule (16 CFR 314).

Did you know the GLBA requires a formal Information Security Program including an integrated security strategy that establishes perimeter security as well as security inside the network and among all databases, applications, and end-point devices such as laptops, PCs, wired and wireless devices, PDAs, and more. All devices on your network must collaborate to ensure proactive security is working effectively. Your devices also must adapt in real-time to your changing risk profile. We can Help>>

Health Insurance Portability and Accountability Act (HIPAA)

Starting on February, 2010, the HIPAA rules are enhanced by the American Recovery and Reinvestment Act. The HITECH section of this act implements significant penalties for breaches of HIPAA and requires that the business partners of organizations covered by HIPAA must themselves obey the HIPAA Privacy and Security Rules, and face liability if there are any unauthorized disclosures.

Did you know the HIPAA email security applies specifically to protected health information, not just personal information. Protected Health Information (PHI), as defined in HIPAA language, is health information of an identifiable individual that is transmitted by electronic media; maintained in any electronic medium; or transmitted or maintained in any other form or medium. We can Help>>

Comments (5) . 05 Jan 2010 . 10:37

Payment Card Industry Data Security Standard (PCI DSS)

  • Build & maintain a secure network
    • Install and maintain firewall
    • Do not use vendor-supplied defaults for system passwords
  • Protect Cardholder Data
    • Protect STORED cardholder data
    • Encrypt transmission of data across open, public networks

The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis. Payment Card Industry (PCI) compliance is a complex and ever evolving subject affecting millions of businesses – acquiring banks, Independent Sales Organizations (ISOs), processors, hosts, shopping carts, e-commerce and retail merchants and other merchant services providers. Is PCI compliance a law? The short answer is no. The long answer is that while it is not currently a federal law, there are state laws that are already in effect (and some that may go into effect) to force components of the PCI Data Security Standard (PCI DSS) into law. In addition, there is a big push by legislatures and industry trade association to enact a federal law around data security and breach notification. We can Help>>

Comments (11) . 07 Jan 2010 . 02:56