Regulatory Compliance

Email is one of the most common methods of communication. Companies rely on email to send sensitive data to their business partners. Email is inherently insecure; therefore, many regulations govern the sharing of sensitive data through email messages.

Regulations for Your Industry

Government regulations differ from industry to industry. The following are examples of major regulations affecting the United States as well as the European Union.

| Industry | Regulation | Description |
| --- | --- | --- |
| Health | HIPAA | Organizations must ensure that email messages containing personal information are encrypted and are transferred using methods that allow them to be viewed only by the intended recipients. |
| Financial | Gramm-Leach-Bliley | Organizations must implement policies and technologies that ensure the security and confidentiality of customer records in transit and in storage. Compliance with GLBA also requires financial institutions to communicate to their customers how they share customers' sensitive data. |
| Education | Family Educational Rights and Privacy Act | This law applies to all schools that receive funds under an applicable program of the US Department of Education. The act protects students' private information from getting into the wrong hands. End-to-end encryption plays a significant role in eliminating unauthorized access when sensitive data is transferred via email. |
| Any Public Company | Sarbanes-Oxley Act | This law was enacted in the United States in 2002 and requires every public company to establish internal controls to accurately gather, process and report financial information. Emails need to be encrypted to prevent unauthorized access. |
| Any Company | GDPR | Article 25 of GDPR requires data protection for all business processes. |