Due to the types of data collected, processed, and stored by the University of South Carolina, the university is subject to compliance and audit in regards to several areas of regulatory compliance.
HIPAA is the federal Health Insurance Portability and Accountability Act of 1996. The primary goal of the law is to make it easier for people to keep health insurance, protect the confidentiality and security of healthcare information and help the healthcare industry control administrative costs.
The Family Educational Rights and Privacy Act (FERPA) is a federal privacy law that provides certain protections with regard to education records, such as report cards, transcripts, disciplinary records, contact and family information, and class schedules.
The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB.
The Gramm-Leach-Bliley Act (GLBA) requires financial institutions, companies, and institutions that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data.