Welcome to
Help Desk

Product Updates
Training
Support
Ideas Contact Support

Egnyte Secure & Govern offers several built-in classification policies that are targeted toward compliance with data security standards in several regional jurisdictions. The built-in policies currently included in Egnyte S&G are: 

 

Payment Card Industry Data Security Standard (PCI-DSS)

Detects credit and debit card numbers, as well as card MagStripe track data. This policy helps you comply with the global PCI-DSS information security standard, which is applicable if you handle credit card information for cards issued by any of the major providers such as Visa, MasterCard, American Express, and Diners Club.

California Consumer Privacy Act (CCPA)

Detects the personal information of California residents collected by businesses and organizations. This policy helps you comply with the California Consumer Privacy Act, applicable to any business that collects consumers' personal information, does business in California, and meets any of the following criteria:  a) has annual gross revenues in excess of $25 million; b) possesses the personal information of 50,000 or more consumers, households, or devices; or c) earns more than half of its annual revenue from selling consumers' personal information.

Nevada Opt-Out Law (NOOL)

Detects the personal information of Nevada residents collected by businesses and organizations. This policy helps you comply with Nevada’s privacy law. It is applicable only to operators of an Internet website or online service for commercial purposes that meet the following criteria: a)collects and maintains covered information from consumers who reside in this State and use or visit the Internet website or online service; b) engage in an activity that constitutes a sufficient nexus with Nevada to satisfy the requirements of the United States Constitution. Such activity includes purposefully directing activities toward Nevada and consummating a transaction with Nevada. or a Nevada resident.

Gramm-Leach-Bliley Financial Modernization Act (GLBA)

Detects personal financial information of US individuals collected for the purpose of providing financial services. This policy helps you comply with the Safeguards Rule section of the Financial Modernization Act of 1999, a US federal law that controls the ways that financial institutions such as banks, investment advisors, mortgage lenders, and real estate service providers deal with private information of individuals.

Data Protection Act (DPA)

Detects personal information of United Kingdom individuals. This policy helps you comply with the Data Protection Act of 1998, which protects the personal data of UK individuals. The policy detects national identifiers such as the National Insurance Number (NINO), UK bank account numbers, and personal health identifiers such as the National Health Service (NHS) number.

Access to Medical Records Act Policy (AMRA)

Detects medical and health information of United Kingdom residents. This helps you comply with  The Access to Medical Reports Act 1988 which governs access to medical reports made by a medical practitioner who is or has been responsible for the clinical care of the patient, for insurance or employment purposes. The policy detects national identifiers such as the National Insurance Number (NINO) and National Health Service (NHS) number. 

Personal Information Protection and Electronic Documents Act (PIPEDA)

Detects personal information of Canadian individuals. This policy helps you comply with the Personal Information Protection and Electronic Documents Act, which sets out the ground rules for how Canadian businesses must handle the personal information of individuals in the course of commercial activity. The policy detects national identifiers such as the Social Insurance Number, provincial driver’s license numbers, MICR numbers/SWIFT codes, and bank account numbers, as well as provincial health identifiers such as Personal Health Numbers.
 

General Data Protection Regulation (GDPR)

Detects personal information of European Union citizens. This policy helps you comply with the new General Data Protection Regulation that comes into effect in the European Union on May 25, 2018. The regulation harmonizes data privacy laws across Europe and mandates the protection of the personal data of EU citizens collected by organizations. With the new extra-territorial applicability clause, you’ll need to comply with GDPR if you collect or process any EU citizen’s personal data, regardless of your geographical location. The policy detects the national identifiers, personal health identifiers, and banking information of the citizens of all the 27 European Union countries.

The United Kingdom General Data Protection Regulation (UKGDPR)

The General Data Protection Regulation or the GDPR is a European Union (EU) regulation designed to protect the privacy rights of individuals in the European Economic Area (EEA). However, as a result of Brexit, on January 1, 2021, the United Kingdom's UK GDPR rules became effective. The UK GDPR absorbs the privacy compliance requirements of the EEA's GDPR and combines them with the requirements of the UK Data Protection Act. The policy helps detect UK’s national identifiers like the National Insurance number, Electoral roll number, Driver’s License, and other similar identifiers.

 

Sarbanes-Oxley Act (SOX)

Detects corporate financial information and financial disclosure reports to the US Securities and Exchange Commission. This policy helps you comply with Sections 302 and 404 of the Sarbanes-Oxley Act of 2002, which regulates the storage and protection of financial information by public companies.

Health Insurance Portability and Accountability Act (HIPAA)

Detects personal, medical, and health information of US individuals collected by covered healthcare entities such as hospitals, health insurance carriers, and their business associates. This policy helps you comply with the HIPAA Act of 1996 and the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009, which addresses the privacy and security concerns associated with the electronic transmission of personal health information.

Fair Credit Reporting Act (FCRA)

Detects consumer credit information collected and reported by the three major credit reporting bureaus - Experian, TransUnion, and Equifax. This policy helps you comply with the Fair Credit Reporting Act that regulates consumer reporting agencies, users of consumer reports, and furnishers of consumer information.

International Traffic in Arms Regulations (ITAR)

Detects defense and military-related articles, services, and technologies listed in the U.S. Munitions List. This policy helps you comply with the Arms Export Control Act provisions that are implemented in the ITAR regulation and enforced by the Department of State Directorate of Defense Trade Controls.

Australian Privacy Act (APA)

Detects personal information collected by Australian government agencies, private sector organizations, and private health service providers. This policy helps you comply with the Australian Privacy Principles outlined in the Privacy Act, which protects the personal data of Australian individuals. The policy detects personal identifiers such as the Tax File Number, Australian bank account number, and personal health identifiers such as the Medicare Number.

Australia Health Care and Information Privacy Act (HRIP)

Detects medical and health information of Australian individuals collected by healthcare entities like hospitals, health insurance providers, pharmaceutical services, and their business associates. This helps you comply with the Health Records Information Privacy Act of 2002, which promotes promote fair and responsible handling of health information by protecting the privacy of an individual’s health information that is held in the public and private sectors, and enabling individuals to gain access to their health information, and providing an accessible framework for the resolution of complaints regarding the handling of health information. The policy detects personal health identifiers such as  Medicare numbers and Individual Healthcare Identifiers.

 

New Zealand Privacy Act (NZPA)

Detects personal information of New Zealand individuals. This policy helps you comply with the Privacy Act of 1993, which protects the information privacy of New Zealand persons. The policy detects personal identifiers such as the IRD Number, New Zealand bank account number, and personal health identifiers such as the NHI Number.


Brazil General Data Protection Law

Detects personal information of Brazilian individuals. This policy helps you comply with the General Data Protection Law (LGPD), which protects the information privacy of Brazil’s residents. The policy detects personal identifiers such as Brazil Electoral ID, CPF, and CPNJ numbers.


Mexico Federal Law on the Protection of Personal Data

Detects personal information of Mexican individuals. This policy helps you comply with the Federal Law on the Protection of Personal Data, which protects the information privacy of Mexican individuals. The policy detects personal identifiers such as CURP and RFC numbers.


India Personal Data Protection

Detects personal information of Indian individuals. This proposed policy helps you comply with the Personal Data Protection Bill, which protects the information privacy of India’s residents. The policy detects personal identifiers such as the Aadhaar number, Driving License, and PAN.
 

Japan Act on the Protection of Personal Information

Detects personal information of Japanese individuals. This policy helps you comply with the Act on the Protection of Personal Information (APPI), which protects the information privacy of Japan’s residents. The policy detects personal identifiers such as Japanese account numbers and Individual numbers.
 

Singapore Personal Data Protection Act

Detects personal information of Singaporean individuals. This policy helps you comply with the Personal Data Protection Act (PDPA), which protects the information privacy of Singapore’s residents. The policy detects personal identifiers such as the National Registration number (NRIC). 

 

Virginia Consumer Data Protection Act(VCDPA)

Detects the personal information of Virginia's residents collected by businesses and organizations in Virginia or produces products or services targeted to the state's residents. This policy helps you comply with the Virginia Consumer Data Protection Act, applicable to any business that meets any of the following criteria:  a) control or process personal data of at least 100,000 consumers in a calendar year; b) control or process the personal data of at least 25,000 consumers and derive at least 50% of gross revenue from the sale of personal data.

 

New York SHIELD (Stop Hacks and Improve Electronic Data Security) Act (NYSH)

Detects the personal information of New York residents collected by businesses and organizations. This policy helps you comply with the New York SHIELD (Stop Hacks and Improve Electronic Data Security Act, applicable to every business that collects consumers' personal information and, does business in New York.

 

New Jersey Identity Theft Prevention Act (ITPA)

Detects the personal information of New Jersey residents collected by businesses and organizations. This policy helps you comply with the New Jersey Identity Theft Prevention Act, applicable to every business that collects consumers' personal information and, does business in New Jersey.

 

Maryland Personal Information Protection Act (MPIPA)

Detects the personal information of Maryland residents collected by businesses and organizations. This policy helps you comply with the Maryland Personal Information Protection Act, applicable to every business that collects or licenses consumers' personal information and, does business in Maryland.

 

Massachusetts Commonwealth Personal Information Protection Act (CPIP)

Detects the personal information of Massachusetts residents collected by businesses and organizations. This policy helps you comply with the Commonwealth Personal Information Protection  Act, applicable to every business that collects or licenses consumers' personal information and, does business in Massachusetts.

 

Colorado Protections for Consumer Data Privacy (COCP)

Detects the personal information of Colorado residents collected by businesses and organizations. This policy helps you comply with the Colorado Protections for Consumer Data Privacy Act, applicable to every business that collects or licenses consumers' personal information and, does business in Colorado.

 

Oregon Consumer Information Protection Act (CIPA)

Detects the personal information of Oregon residents collected by businesses and organizations. This policy helps you comply with the Oregon Consumer Information Protection Act, applicable to every business that collects or licenses consumers' personal information and, does business in Oregon.

 

Texas Identity Theft Enforcement and Protection (TITEPA)

Detects the personal information of Texas residents collected by businesses and organizations. This policy helps you comply with the Texas Identity Theft Enforcement and Protection Act, applicable to every business that collects or licenses consumers' personal information and, does business in Texas.

 

New York Department of Financial Services Cybersecurity Regulations (NYDFS)

NYDFS Cybersecurity regulations (23 NYCRR 500) apply to all entities under license, registration, and charter from DFS. The regulations also apply to unregulated third-party service providers working with regulated entities. The regulations mandate all covered entities such as banks, insurance, and financial services companies adhere to a set of cybersecurity rules. The built-in NYDFS policy looks for sensitive content as defined in the cybersecurity regulations.

 

South Africa Protection of Personal Information Act (POPI)

Detects personal information of South African residents. This policy helps you comply with the Protection of Personal Information Act (POPI) which protects the information privacy of South African residents. The policy detects personal identifiers such as the South African ID number and driver's license number.

 

Encryption Keys and API Secrets Policy (EKAS)

Detects the most widely used types of encryption keys and API secrets. The policy detects the following type of encryption keys: RSA, PGP, ECC, and other generic private keys. In addition to encryption keys, the policy detects the following types of API secrets: Google OAuth secret, Stripe API key, Amazon MWS Auth token, Square OAuth token, Amazon AWS key, Slack token, Heroku API key, Paypal Braintree access token, Facebook access token, Twitter access token, Picatic private key, Twilio API key, Square access token, Mailgun API key, Mailchimp API key, and Google API key. 

 

Taiwan Personal Data Protection Act (TPDPA)

Detects personal information of Taiwanese residents. This policy helps you comply with the Taiwan Personal Data Protection Act (TPDPA), which regulates the collection, processing, and use of personal data so as to prevent harm to personality rights and to facilitate the proper use of personal data. The policy detects personal identifiers such as Taiwan resident certificate numbers, national identification numbers, and passport numbers.

 

South Korea Personal Information Protection Act (KPIPA)

Detects personal information of South Korean residents. The policy helps you comply with the South Korea Personal Information Protection Act (KPIPA), which regulates the processing and protection of personal information for the purpose of enhancing the right and interests of individuals, and further realizing the dignity and value of the individuals. The policy detects personal identifiers such as South Korean resident registration numbers and passport numbers.

 

Switzerland Data Protection Act (SDPA)

Detects personal information of Swiss residents. The policy helps you comply with the Switzerland Data Protection Act (SDPA), which protects the information privacy of Switzerland’s residents. The policy detects personal identifiers such as the Swiss National Identification Number (AHV/AVS), Swiss Edu-ID Number, Swiss Passport Number, Swiss Health Identification Card Number, Swiss Driving License Number, and Enterprise Identification Number.

 

Norway Data Protection Act (NDPA)

Detects personal information of Norwegian residents. The policy helps you comply with the Norway Data Protection Act (NDPA), which protects the information privacy of Norway’s residents. The policy detects personal identifiers such as the Norwegian National Identification Number/D-number and Norwegian Driving License Number.

 

Indonesia Personal Data Protection Regulations (IPDPR)

Detects personal information of Indonesian residents. This policy helps you comply with the Indonesia Personal Data Protection Regulations (IPDPR) which protects the information privacy of Indonesian residents. The policy detects personal identifiers such as the Indonesian Identity Card Number and Indonesian Tax Identification Number.

 

Thailand Personal Data Protection Act (TDPA)

Detects personal information of Thai residents. This policy helps you comply with the Thailand Personal Data Protection Act which protects the information privacy of Thai residents. The policy detects personal identifiers like the Thai Personal Identification Number and the passport number.

 

Malaysia Personal Data Protection Act (MDPA)

Detects personal information of Malaysian residents. This policy helps you comply with the Malaysia Personal Data Protection Act which protects the information privacy of Malaysian residents. The policy detects personal identifiers like Malaysian National Registration Identity Card number, passport number, and Malaysian Tax Identification number.

 

Russia Federal Act on Data Protection (RFAD)

Detects personal information of Russian citizens. This policy helps you comply with the Russian Federal Act on Data Protection which protects the information privacy of Russian citizens. The policy helps detect personal identifiers like Russian Taxpayer Identification Number, Russian Passport Number, Russian Insurance Account Number, Russian OMS Number, and Russian Military Identity Number.

 

Israel Protection of Privacy Law (IPPL)

Detects personal information of Israeli residents. This policy helps you comply with the Israel Protection of Privacy Law (IPPL) which protects the information privacy of Israel’s residents. The policy helps detect personal identifiers like Israel National ID and Israel Bank Account Number.

 

Turkey Data Protection Law (TDPL)

Detects personal information of Turkish residents. This policy helps you comply with the Turkey Data Protection Law (TDPL) which protects the information privacy of Turkey’s residents. The policy helps detect personal identifiers like Turkey Tax Identification Number, Turkey Passport Number, andTurkey Identification Number.

 

Saudi Arabia Anti Cyber Crime Law (SACCL)

Detects personal information of Saudi Arabia’s residents. This policy helps you comply with the Saudi Arabia Anti-Cyber Crime Law (SACCL) which protects the information privacy of Saudi Arabia’s residents. The policy helps detect personal identifiers like Saudi Arabia's National Identification Number.

 

UAE Data Protection Law ()

Detects personal information of UAE’s residents. This policy helps you comply with the UAE Data Protection Law (UDPL) which protects the information privacy of UAE’s residents. The policy helps detect personal identifiers like UAE Personal Number.

 

 

 

 

Was this article helpful?
0 out of 0 found this helpful

For technical assistance, please contact us.