Regulations

Documentation | Support

Go to the table of contents

Go to the previous page

Go to the next page

View or print as PDF

Forcepoint DLP Predefined Policies and Classifiers > Discovery policies > Regulations

Predefined Policies and Classifiers | Forcepoint DLP | v8.4.x

FERC and NERC for Discovery

Policy to promote compliance with the requirements imposed by the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Council (NERC) to protects Critical Energy Infrastructure Information (CEII). The policy detects sensitive Energy Infrastructure Information, such as natural gas pipeline flow diagrams, various drawing and schemes files and FERC forms 567 and 715. The rules for this policy are:

FERC and NERC: disclaimer

FERC and NERC: pipeline flow diagrams

FERC and NERC: form 567

FERC and NERC: form 715

Nevada SB 227 and NRS 603A for Discovery

Nevada SB 227 and NRS 603A require that organizations or business entities in Nevada shall not disseminate unencrypted personal information and shall not move any data storage device containing unencrypted personal information outside of the secure system of the business. NRS 603A also mandates notification of the breach to any resident of this State whose unencrypted personal information is reasonably believed to have been acquired by an unauthorized person. The pre-defined policy detects Personally Identifiable Information (PII) that should be encrypted, like full names with social security numbers, Nevada driver license, credit card numbers, and passwords. The rules for this policy are:

Nevada SB 227 and NRS 603A: Account and Password

Nevada SB 227 and NRS 603A: Name and CCN

Nevada SB 227 and NRS 603A: Name and DL

Nevada SB 227 and NRS 603A: Name and ID

Nevada SB 227 and NRS 603A: Name and Password

Nevada SB 227 and NRS 603A: Name and SSN

Nevada SB 227 and NRS 603A: Name with Account and Password

SEC and SOX for Discovery

The Sarbanes-Oxley Act (SOX) mandates public companies to comply with its requirements. This act provides strict guidelines for ensuring corporate governance and control policies for information within publicly traded companies. This policy promotes compliance with the data protection aspects of SOX by detecting audit terms and SEC 10-K and 10-Q reports. The rules for this policy are:

SOX: Form 10-K (Standard Fiscal Year)

SOX: Form 10-Q (Standard Fiscal Year)

SOX: SOX-Related Term

Swedish Patient Data Act (SFS 2008:355, Patientdatalagen) - For Discovery

A policy to promote compliance with the Swedish Patient Data Act (Patientdatalag , SFS 2008:355) that mandates protection of protected health information (PHI) and Personally Identifiable Information (PII) of Swedish citizens and residents . The policy comprises rules for discovery of health information or medical conditions (in Swedish or English), in proximity to personally identifiable information such as personnummer or name, and for detection of SPSS files and Database files. The rules for this policy are:

SFS 2008:355: Database File

SFS 2008:355: DICOM

SFS 2008:355: DNA Profile

SFS 2008:355: ICD10 Code

SFS 2008:355: ICD10 Code and Description

SFS 2008:355: ICD10 Code and Name (Wide)

SFS 2008:355: ICD10 Code and Name (Default)

SFS 2008:355: ICD10 Code and Name (Narrow)

SFS 2008:355: ICD10 Code and Personal Number

SFS 2008:355: ICD10 Description

SFS 2008:355: Name and Health Information

SFS 2008:355: Name and Personal Number

SFS 2008:355: Name and Sensitive Disease or Drug

SFS 2008:355: Personal Number

SFS 2008:355: Personal Number and Health Information

SFS 2008:355: Personal Number and Sensitive Disease or Drug

SFS 2008:355: SPSS Text File

US-ITAR for Discovery

International Traffic in Arms Regulations (ITAR) is a set of United States government regulations that control the export and import of defense-related articles and services. The policy detects information about sensitive technologies being disseminated, as well as source code and confidential documents. For source code in the SPICE and VHDL languages, please select all relevant rules to achieve complete coverage. The rules for this policy are:

ITAR: Encryption

ITAR: Technical Drawing files

Go to the table of contents

Go to the previous page

Go to the next page

View or print as PDF

Forcepoint DLP Predefined Policies and Classifiers > Discovery policies > Regulations

Copyright 2017 Forcepoint. All rights reserved.