Because of the types of data collected, processed, and stored by the University of South
Carolina, the university is subject to compliance requirements and audits in several
regulatory areas.
HIPAA is the federal Health Insurance Portability and Accountability Act of 1996. The primary goal of the law is to make it easier for people to keep health
insurance, protect the confidentiality and security of healthcare information, and
help the healthcare industry control administrative costs.
The Family Educational Rights and Privacy Act (FERPA) is a federal privacy law that provides certain protections with regard to education
records, such as report cards, transcripts, disciplinary records, contact and family
information, and class schedules.
The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded
credit cards from the major card schemes including Visa, MasterCard, American Express,
Discover, and JCB.
The Gramm-Leach-Bliley Act (GLBA) requires financial institutions, companies, and institutions that offer consumers
financial products or services like loans, financial or investment advice, or insurance
to explain their information-sharing practices to their customers and to safeguard