| Regulation | Law | Act |
Description |
Penalties |
Sarbanes / Oxley Act
Section 802 |
Knowingly altering, destroying,
concealing or falsifying any
document with the intent to obstruct
or influence federal agency or
bankruptcy proceedings.
Failure to retain audit related
paperwork for required retention periods.
|
Fines up to $1M
and/or 20 years
imprisonment.
Fines and/or
10 years
imprisonment.
|
|
Sarbanes / Oxley Act
Section 1102 |
Acting or attempting to corrupt, alter, destroy,
mutilate or conceal a record or
other object
with the intent to impair its integrity
or availability
within an official proceeding.
|
Fines and/or imprisonment of up to 20 years.
|
|
| The Health Insurance Portability and Accountability Act |
Covered entities must maintain reasonable and appropriate administrative, technical, and physical safeguards to prevent intentional or unintentional use or disclosure of protected health information.
Covered entities must ensure security of and access to information that is currently in storage. Such information must be maintained for 6 years from the date of its creation or 6 years from the date for which it was last in effect, whichever is later.
|
Up to $50,000 and/or 1 year imprisonment - Wrongful disclosure.
Up to $100,000
and/or 5 years imprisonment - Wrongful disclosure under false pretences.
Up to $250,000
and/or 10 years imprisonment - Wrongful disclosure, false pretences,
intent to illegally sell, transfer, or use.
|
|
European Union Directive
95/46/ec, Article 17 |
Requires the implementation of appropriate technical and organizational measures to protect individuals personal information from: accidental or unlawful destruction, accidental loss, alteration, unauthorized access, and unauthorized disclosure of personal/identifiable data.
|
Potential sanctions instituted by EU Member State in which injured party was a citizen.
|
|
Federal Rules of Civil Procedure
Rule 26 |
Delayed delivery, destruction of or failure to retain material information relevant to the claim or defense of any party. Applies to e-mail, writings, drawings, graphs, charts, photographs, phone records, and other data compilations.
|
May result in sanctions, and/or a presumption by potential jurors of the materials potential damage.
|
|
Sec Rule 17a-4(b) (4)
NYSE Rule 440
NASD Rule 3110
|
Requires member organizations to preserve received originals and copies of sent business related communications for 3 years and to keep such communications in an easily accessible place for the first 2 years
|
Fines and/or sanctions
|
|
| 21 CFR Part 11
|
Requires all FDA-regulated businesses to follow technical and procedural standards for the processing, storage, security, and retention of electronic records and electronic signatures.
|
FDA sanctions may range from public statements and fines to closing the organization
|