MOVEit Transfer is used by healthcare, insurance, financial service and pharmaceutical organizations to satisfy data integrity, auditing and privacy concerns raised by HIPAA, FDIC, OCC, G-L-B Act, California SB 1386, Canadian PIPEDA Payment Card Industry (PCI), Sarbanes-Oxley (SARBOX) and other regulations. Although a particular organization's fitness with regards to major industry-specific federal regulations is usually determined on a site-by-site basis by a dedicated auditing team, the Privacy/Security/Auditing guide in this section contains general information regarding MOVEit Transfer expected conformance.
If you are branch or agency of the U.S. federal government, you may be required to only purchase cryptography that is FIPS 140 validated. MOVEit Transfer meets this requirement with its own FIPS 140-2 validated MOVEit Crypto module, which is part of MOVEit Transfer and MOVEit Automation. (MOVEit Crypto has been approved for use with information through the Classified level.)
Certain agencies, vendors or providers may also be required to conform to other federal requirements such as those issued by the Food and Drug Administration (FDA) or mandated by the Americans with Disabilities Act (ADA) . Because these requirements are frequently NOT the subject of their own audits, the applicable regulations and the MOVEit Transfer compliance statements are detailed in their own sections so that they can be included in most conformance reports.
See Also |