Security, Privacy and Compliance

NEXT GENERATION COMPLIANCE

The next-generation brain science platform must leverage the best security frameworks, standards, and global privacy and compliance requirements. These barriers constrain discoveries.

HIPAA - Health Insurance Portability and Accountability Act https://www.hhs.gov/hipaa/index.html

HITECH - Health Information Technology for Economic and Clinical Health Act https://compliancy-group.com/what-is-the-hitech-act/ 

HITRUST CSF 9.4 https://hitrustalliance.net/product-tool/hitrust-csf/

EU-GDPR - The General Data Protection Regulation (GDPR) https://gdpr.eu/

FedRAMP - The Federal Risk and Authorization Management Program (FedRAMP) https://www.fedramp.gov/

NIST - National Institute of Standards and Technology https://www.nist.gov/

NIST – Computer Security Resource Center https://csrc.nist.gov/

ISO/IEC 27001 https://www.iso.org/isoiec-27001-information-security.html

FAIR Principles - Four foundational principles - Findability, Accessibility, Interoperability, and Reusability https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4792175/

TRUST Principles for digital repositories - https://www.nature.com/articles/s41597-020-0486-7 

GA4GH The Global Alliance for Genomics and Health (GA4GH) ga4gh.org

FISMA Federal Information Security Management Act https://www.cisa.gov/federal-information-security-modernization-act 

FIPS 140-3 Federal Information Processing Standard - Security Requirements for Cryptographic Modules https://csrc.nist.gov/publications/detail/fips/140/3/final

CISA The Cybersecurity and Infrastructure Security Agency (CISA) https://www.cisa.gov/

VA Privacy Services https://www.oprm.va.gov/privacy/resources_privacy.aspx

DOD SRGL4 - Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) https://aws.amazon.com/compliance/dod/

FDA 21 CFR 11 https://www.fda.gov/regulatory-information/search-fda-guidance-documents/part-11-electronic-records-electronic-signatures-scope-and-application

FDA Data Integrity and Compliance (CGMP) https://www.fda.gov/regulatory-information/search-fda-guidance-documents/data-integrity-and-compliance-drug-cgmp-questions-and-answers-guidance-industry

US CERT – United States Computer Emergency Readiness Team https://us-cert.cisa.gov/

BIDS Brain Imaging Data Structure https://bids.neuroimaging.io/

CCPA - California Consumer Privacy Act of 2018 https://oag.ca.gov/privacy/ccpa

IEEE Security & Privacy https://www.ieee-security.org/TC/SP2021/cfpapers.html 

ACM Transactions on Privacy and Security (TOPS) https://dl.acm.org/journal/tops

HMS