Stop doing what is easy. 

Start doing what is right.

Compliance standards are the first step in protecting your business and customer data from a breach or criminal attack.

US Cyber Vault upholds all of the major regulatory compliance standards for every industry.


Protect your industry-specific data

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) protects health information and keeps data confidential by ensuring the security of electronic protected health information and notifying customers following a breach of unsecured protected data.

PCI

The Payment Card Industry Data Security Standard (PCI DSS) improves payment account security and protects consumers with a set of regulations for companies that process, store or transmit credit card information regardless of the size or number of transactions.

ISO

The International Organization for Standardization (ISO) is made up of 162 countries that develop and publish international standards that enforce world-class specifications for products, services and systems in an effort to maintain quality, safety and efficiency.

IIAS

The Inventory Information Approval System (IIAS) segments products at checkout to ensure they're a qualified health item and communicates with credit card companies for approval with a point of sale system that substantiates HRA and FSA eligible purchases.

 
SSAE 16

SSAE 16, also called Statement on Standards for Attestation Engagements 16, is a regulation created by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) for redefining and updating how service companies report on compliance controls.

 
ITAR

International Traffic in Arms Regulations (ITAR) compliance requirements cover the import and export of defense-related products, services, and technologies that are included on the United States Munitions List (USML), including applicable data and information. Only US Citizens may have access to ITAR data. Furthermore, ITAR-controlled data may not flow to secondary data centers in foreign locations.

Safe Harbor

Made effective in October 1998, Safe Harbor is a policy agreement established between the U.S. Department of Commerce and the European Union (EU) to regulate the manner in which U.S. companies export, store and manage the personal data (e.g., names and addresses) of European citizens. 

 
CSA

The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA created and maintains the Cloud Controls Matrix (CCM), the world's only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulations.

HITRUST

The Health Information Trust Alliance, or HITRUST, is a privately held company located in the United States that, in collaboration with healthcare, technology and information security leaders, has established a Common Security Framework (CSF) that can be used by all organizations that create, access, store or exchange sensitive and/or regulated data.

FedRAMP

The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The FedRAMP program has also established a Joint Accreditation Board (JAB) consisting of Chief Information Officers from DoD, DHS, and GSA.

With compliance, everyone looks busy checking boxes while the house burns down
— Dan Kaminsky, Black Hat 2016 Keynote