Compliance Overview

What is compliance?

Compliance standards differ by industry, and their purpose is to control the sharing of and access to customer data. The Health Insurance Portability and Accountability Act (HIPAA) focuses on the healthcare industry. In contrast, the Gramm-Leach-Bliley Act (GLBA), the Financial Industry Regulatory Authority (FINRA), and the Securities and Exchange Commission (SEC) focus on the financial industry and services.

Eyonic Systems helps support compliance with these industry standards in a variety of ways. We are a private corporation that serves as a provider of secure, online backup and file sharing storage for private information. In a continuing effort to ensure data confidentiality, integrity, and availability, Eyonic strives to maintain industry compliance for data protection, handling, and accessibility.


Who does compliance apply to?

In general, HIPAA applies to covered entities and business associates (BA) whose activities include: claims processing or administration, data analysis, utilization review, quality assurance, billing, benefit management, practice management, and repricing. BA services are: legal, actuarial, accounting, consulting, data aggregation, management, administrative, accreditation, and financial. Persons or organizations whose functions or services do not involve the use or disclosure of personal health information (PHI), and whose access to PHI would be incidental, if at all, are not considered to be a BA.

GLBA applies to financial institutions and includes all businesses, regardless of size, that are "significantly engaged" in providing financial products or services. This includes, but is not limited to, mortgage brokers, nonbank lenders, professional tax preparers, and payday lenders.

FINRA applies to every firm and broker that sells securities to the public in the US, as well as any third-party services they utilize.

SEC applies to financial services, and the SEC 17A requirements match those of FINRA.

FERPA protects the privacy of student and education records and applies to all schools that receive funds under an applicable program of the US Department of Education.


How does Eyonic support these standards?

In a continuing effort to ensure data confidentiality, integrity, and availability, Eyonic strives to maintain industry compliance for data protection, handling, and accessibility. To ensure your privacy, Eyonic Systems does not scan, analyze, or index sent, received, or stored content at any time. Online backup requires user authentication to access, and file sharing requires user authentication and/or access granted by the owner of the files. User data is stored in a secure data center with limited access and no third-party access. All sensitive data is transferred using the industry standard in encryption. Information stored with Eyonic Systems is not viewed or handled by any third party.


What does it all mean?

Private information, medical or otherwise, stored with Eyonic Systems is not shared, viewed, distributed, monitored, or copied by any third party, which helps support different types of compliance for healthcare organizations, covered entities, and business associates, as well as financial institutions and services. Eyonic Systems takes every reasonable safety precaution to protect the integrity of all private information stored within, which provides our customers with the tools needed to work in a compliant manner.