Compliance - The Regulatory Requirements

Today, government regulators are taking the issue of compliance more seriously than ever before, imposing harsh penalties on those that don't comply - from litigation and massive fines to, in some instances, imprisonment.

SECURELY OFFSITE offers a comprehensive portfolio of solutions that address the challenge of meeting instant communications and ESI compliance regulations. They can fully satisfy all regulatory record retention compliance requirements for archiving instant communications and files as mandated in the USA by SEC, NASD, NYSE, Sarbanes-Oxley Act, Gramm-Leach-Bliley Act, HIPAA, Patriot Act, the Federal Rules of Civil Procedure (FRCP) and the various state regulations. In Canada there are the PIPEDA, Bill 198, Fintrac, the forthcoming CSA National Instrument 31-103 and other regulations.

Records Retention Guidelines: Emails, IM, SmartPhone and VOIP/Voice communications, along with other digital communications, are considered to be business records for retention, just like paper records. Retention is a matter of content and legal requirement.

US Federal, State and Foreign Digital Retention Regulations - What Laws Apply?

FINANCIAL SERVICES

Brokers - Dealers / Exchange Members

-SEC Rule 17a-4

-NASD Rules 3110 & 3010, 2210, 2211, 2310, 2711, 3013

-NYSE Rules 440, 342, 472

-NASD 3510 (BCP)

Investment Advisors & Hedge Funds

-SEC Rule 202-4

-SEC Rule 206(4)-7

-SEC Rule 203(b)(3)-2

Investment Dealers (IDA)

-IDA By-law 29.7

-UMIR Policy 7.1

-IDA By-law 17.19(BCP)

-OSC 52.111

Futures & Transfer Agents

-CFTC Rule 1.31

-NFA Rule 2.9

GOVERNMENTAL ENTITIES:

-Freedom of Information Act (FOIA)

-Section 703 of the Civil Rights Act (Anti-Harassment)

-Sunshine Laws; Open Meetings

-US Federal Rules of Civil Procedure 26 & 34

-Patriot Act

SCHOOLS/EDUCATIONAL INSTITUTIONS

-US Federal Rules of Civil Procedure 26 & 34

-Family Educational Rights and Privacy Act

-Federal Children’s Internet Protection Act

-HIPAA

-Patriot Act

-Freedom of Information Act (FOIA)

-Section 703 of the Civil Rights Act

-(Combined Government, Private Sector & Healthcare obligations)

BANKS AND FINANCIAL INSTITUTIONS

-Bank Secrecy Act 31 CFR 103

-Money Laundering Control Act of 1986

-(Also see FINANCIAL SERVICES regulations)

-Basel II Accord

-Patriot Act

PUBLIC & GLOBAL COMPANIES:

-Sarbanes-Oxley Act & Bill 198 (Canada)

-Sarbanes–Oxley Act / SOX / SarbOx (USA)

-Public Company Accounting Reform and Investor Protection Act of 2002

-Gramm-Leach-Bliley Act

-PIPA & PIPEDA (Canada)

-Fintrac (Canada)

-Patriot Act

-UK & European Data Protection Acts

-Sec.113 47 U.S.C. 223(h)(1) Anti-Cyber Stalking

-SEC Regs. 17ad-6 & 17ad-7

-Section 703 of the Civil Rights Act (Harassment)

-Foreign Corrupt Practices Act (FCPA)

-US Federal Rules of Civil Procedure 26 & 34

HEALTH CARE ORGANIZATIONS:

-HIPAA

-21CFR Part 11 – FDA Electronic Records

-US Federal Rules of Civil Procedure 26 & 34

PRIVATE COMPANIES, REAL-ESTATE, Everyone Else

(It is the law that electronic documents be shared in pre-trial discovery in federal court actions)

-US Federal Rules of Civil Procedure 26 & 34

-Patriot Act

-Foreign Corrupt Practices Act (FCPA)

-Money Laundering Control Act of 1986