This document is a summary of the various laws and is not a complete or comprehensive guide to compliance. Entities regulated by a particular law are obligated to comply with all of its applicable requirements and should not rely on this summary as a source of legal information or advice.
American Health Insurance Portability and Accountability Act of 1996 (HIPAA)
HIPAA helps ensure that all medical records, medical billing, and patient accounts meet consistent standards with concert to documentation, handling, and privacy. HIPAA requires that all patients be able to access their own medical records, correct errors or omissions, and be informed on how personal information is shared or used.
Family Educational Rights and Privacy Act of 1974 (FERPA)
FERPA, as Amended, protects the privacy of student education records and requires institutions accepting federal monies to protect the privacy of student information. It gives students the right to review their educational records, the right to request amendment to records they believe to be inaccurate, and the right to limit disclosure from those records. An institution’s failure to comply with FERPA could result in the withdrawal of federal funds by the Department of Education.
Payment Card Industry Data Security Standard (PCI)
PCI is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design, and other critical protective measures.
Phone: 828-669-8012 Ext. 3663
Initial Draft: 08/18/2016