Egnyte Protect offers several built-in classification policies that are targeted towards compliance with data security standards in several regional jurisdictions. The built-in policies currently included in Egnyte Protect are:
Payment Card Industry Data Security Standard (PCI-DSS)
Detects credit and debit card numbers, as well as card MagStripe track data. This policy helps you comply with the global PCI-DSS information security standard, which is applicable if you handle credit card information for cards issued by any of the major providers such as Visa, MasterCard, American Express and Diners Club.
Gramm-Leach-Bliley Financial Modernization Act (GLBA)
Detects personal and financial information of US individuals collected for the purpose of providing financial services. This policy helps you comply with the Safeguards Rule section of the Financial Modernization Act of 1999, a US federal law that controls the ways that financial institutions such as banks, investment advisors, mortgage lenders and real estate service providers deal with the private information of individuals.
Data Protection Act (DPA)
Detects personal information of United Kingdom individuals. This policy helps you comply with the Data Protection Act of 1998, which protects the personal data of UK individuals. The policy detects national identifiers such as the National Insurance Number (NINO), UK bank account numbers and personal health identifiers such as the National Health Service (NHS) number.
Personal Information Protection and Electronic Documents Act (PIPEDA)
Detects personal information of Canadian individuals. This policy helps you comply with the Personal Information Protection and Electronic Documents Act, which sets out the ground rules for how Canadian businesses must handle personal information of individuals in the course of commercial activity. The policy detects national identifiers such as the Social Insurance Number, provincial driver’s license numbers, MICR numbers/SWIFT codes and bank account numbers, as well as provincial health identifiers such as Personal Health Numbers.
General Data Protection Regulation (GDPR)
Detects personal information of European Union citizens. This policy helps you comply with the new General Data Protection Regulation that comes into effect in the European Union on May 25, 2018. The regulation harmonizes data privacy laws across Europe and mandates the protection of personal data of EU citizens collected by organizations. With the new extra-territorial applicability clause, you’ll need to comply with GDPR if you collect or process any EU citizen’s personal data, regardless of your geographical location. The policy detects the national identifiers, personal health identifiers and banking information of the citizens of all the 27 European Union countries.