Due to the types of data collected, processed, and stored by the University of South
Carolina, the university is subject to compliance and audit in regards to several
areas of regulatory compliance.
HIPAA is the federal Health Insurance Portability and Accountability Act of 1996.
The primary goal of the law is to make it easier for people to keep health insurance,
protect the confidentiality and security of healthcare information and help the healthcare
industry control administrative costs.
The Family Educational Rights and Privacy Act (FERPA) is a federal privacy law that
provides certain protections with regard to education records, such as report cards,
transcripts, disciplinary records, contact and family information, and class schedules.
The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information
security standard for organizations that handle branded credit cards from the major
card schemes including Visa, MasterCard, American Express, Discover, and JCB.
The Gramm-Leach-Bliley Act (GLBA) requires financial institutions, companies, and
institutions that offer consumers financial products or services like loans, financial
or investment advice, or insurance – to explain their information-sharing practices
to their customers and to safeguard sensitive data.