HEALTH

Health Insurance Portability and Accountability Act (HIPAA) of 1996
Security in health care has been heightened due to the Health Insurance Portability and Accountability Act of 1996, which has spurred interest in security far beyond the dictates of the Act itself. The HIPAA Privacy Rule is federal law, which carries penalties of up to $250,000 in fines and jail time of up to 10 years. The rule applies to "electronic protected health information" -- essentially, patients' medical records and other personal health care information. It affects every company that transmits protected health information in electronic form, which includes health plans, health care clearinghouses and health care providers. Full compliance requires these entities to understand the threats and liabilities to this protected data and to ensure that they implement a wide variety of safeguards and security best practices.

The primary intent of HIPAA is to provide better access to health insurance, limit fraud and abuse, and reduce administrative costs. All health care institutions that maintain or transmit electronic health information must comply.

Gilian’s G-Server is a key component in moving toward HIPAA compliance in that it enables health care providers and health-related organizations to meet the demanding requirements of ensuring the integrity of data that is served or transmitted by a Web site. Return to Top

GOVERNMENT

OMB Section 515
On February 22, 2002, the Office of Management and Budget (OMB) issued guidelines requiring federal agencies to develop procedures for reviewing and substantiating the quality, objectivity, utility and integrity of their information before it is disseminated to the public. The guidelines also require that each agency create a mechanism by which affected persons may seek, and when appropriate obtain, correction of information that the agency disseminates. These guidelines are required by section 515 of the Treasury and General Government Appropriations Act and became effective October 1, 2002.

Gilian provides federal agencies with a Web application and content integrity solution to help comply with these OMB guidelines by identifying and correcting Web content quality problems before the information is disseminated. So, even in the event of a successful attack, Web applications and content remain intact and the G-Server successfully eliminates any threat of non-compliance arising from false or objectionable material being published on the agency’s Web site. Return to Top

California Senate Bill 1386
The privacy and financial security of individuals is increasingly at risk due to the ever more widespread collection of personal information by both the private and public sector.

California's SB 1386 is a sweeping measure that mandates public disclosure of computer-security breaches in which confidential information of ANY California resident MAY have been compromised.

The bill, operative July 1, 2003, requires a state agency, or a person or business that conducts business in California, that owns or licenses computerized data that includes personal information, to disclose in specified ways, any breach of the security of the data. Companies and organizations that fail to disclose computer security breaches become liable for civil damages or face class actions.

Gilian’s G-Server enables companies to improve their Web application and content security by scrutinizing, in real-time, every object leaving the Web server, assuring all content—static or dynamic—as well as all Web applications are authentic and unaltered. Return to Top

Common Criteria Certification
Common Criteria (CC) is an internationally recognized ISO standard (ISO 15408) used by the U.S. government and other organizations to assess security and assurance of technology products.

Common Criteria provides an objective way to measure a vendor’s security claims. The US is represented within the CC Project by the National Information Assurance Partnership (NIAP), a joint NIST and National Security Agency (NSA) project. NIAP, in turn, has established the Common Criteria Evaluation and Validation Scheme (CCEVS) to implement the scheme within the US.

Gilian received Common Criteria Certification on September 7, 2003. The certification makes the G-Server even more eligible for deployment in highly sensitive environments, such as local, state and federal government organizations and financial enterprises and assures Gilian’s customers that the G-Server offers the highest level of Web protection for combating Web site hacking and protecting against application-level attacks, and for protecting corporate applications from compromise. Return to Top

FINANCIAL

Gramm-Leach-Bliley (GLBA) Act of 1999
The Gramm-Leach-Bliley Act signed into law on Nov. 12, 1999 requires financial institutions (banks, credit unions, investment companies etc.) and their partners who collect or store "non-public personal data" to identify reasonably foreseeable internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of customer information or customer information systems." GLBA allows closer ties among banks, securities firms and insurance companies, with the restriction that these financial institutions are required to protect a customer's personal financial information, including that an individual is even a customer of a particular financial institution, the consumer's name, address, social security number, account number, and any other information a consumer provides on an account application, and to implement a variety of access and security controls.

Specifically, section 6801(b) requires financial institutions:

• to insure the security and confidentiality of customer records and information;
• to protect against any anticipated threats or hazards to the security or integrity of such records;

Failure to comply with GLBA results in regulatory fines for the financial institution. In addition, CEOs and directors can be held personally liable for any misuse of non-public, personally identifiable information.

Gilian’s G-Server assures the absolute accuracy and integrity of your dynamic and static Web site content, even if a hacker gains access to your Web server. In fact, we are so confident of the G-Server’s ability to ensure only genuine, authorized content is ever published by a Web site, we guarantee it or you may recover damages from Gilian. Return to Top

Sarbanes-Oxley Act of 2002
The Sarbanes-Oxley Act (SOX) aims to strengthen overall business operations by providing guidelines to help efficiently manage internal controls and enhance financial reporting practices. It also holds CEOs and CFOs of publicly held companies responsible for the accuracy of financial information issued by their companies.

Rather than run the risk of publishing fraudulent or objectionable material, the G-Server maintains your company’s reputation and safeguards your company from legal liability by ensuring that only your authorized, genuine content is made available. You don’t lose time, money, customers or credibility at the hands of malicious internal or external attacks. The G-Server is the best method of ensuring that information broadcast from your Web site is genuine information

Return to Top