Skip to Content

Division of Information Technology

Regulatory Compliance

Due to the types of data collected, processed, and stored by the University of South Carolina, the university is subject to compliance and audit in regards to several areas of regulatory compliance.



HIPAA is the federal Health Insurance Portability and Accountability Act of 1996. The primary goal of the law is to make it easier for people to keep health insurance, protect the confidentiality and security of healthcare information and help the healthcare industry control administrative costs.

List Thumbnail


The Family Educational Rights and Privacy Act (FERPA) is a federal privacy law that provides certain protections with regard to education records, such as report cards, transcripts, disciplinary records, contact and family information, and class schedules.

List Thumbnail


The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB.

List Thumbnail


The Gramm-Leach-Bliley Act (GLBA) requires financial institutions, companies, and institutions that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data.

Challenge the conventional. Create the exceptional. No Limits.