Regulatory Requirements

Government regulators are taking the issue of compliance more seriously then ever before, imposing harsh penalties on those that don't comply - from litigation and massive fines, to in some cases, imprisonment.

FaceTime offers a comprehensive suite of solutions that address the challenge of meeting instant messaging compliance regulations and the security and management of peer-to-peer and other real-time communications for a variety of industries. Our solutions enable businesses to secure application behavior on the network, manage user policy, and simultaneously comply with strict government regulations requirements while benefiting from the efficiencies of a real-time business.

Read about the myriad of state and federal regulations imposed by the SEC, NASD, NYSE, FDIC, FCC, FERC, HIPAA, MiFID and others and learn how FaceTime solutions help companies ensure compliance of IM in collaborative, highly-regulated environments.

Industry	Regulator/ Regulation	Impact
All	US Federal Courts - Federal Civil Rules of Procedure #26-35	Effective December 1, 2006, this legislation requires organizations to keep track of these and other electronic records and be able to produce "electronically stored information" as part of the e-discovery process.
Financial Services Investment Banks, Broker/Dealers, Mutual Funds, Investment Advisors	Sarbanes Oxley (SOX) NASD 2210, 3010/3110 SEC 17-a/34 SEC 204-2 NYSE 342, 372, 440	IM defined as electronic communication "book and record," required to be logged, audited and archived.
Banking	Sarbanes Oxley (SOX) NASD 2210, 3010/3110 SB1386 in CA Gramm Leach Bliley Act (GLB) USA Patriot Act (USPA) FDIC	IM defined as electronic communication "book and record". GLB requires security of customer information. USPA requires record retention of suspicious communications associated with money transfer and laundering. FDIC provides guidance on security and management of IM. Learn more about commercial banking regulations.
Federal Government	Department of Defense (DOD)	DOD Directive 5015.2 sets standards for records retention, including IM.
Life Sciences/ Healthcare	Health Insurance Portability and Accountability Act (HIPAA)	HIPAA requires retention of patient records during clinical trials by med/pharma companies and privacy of patient records, including patient information shared over IM.
Energy	Federal Energy Regulatory Commission (FERC)	IM defined as electronic communication "book and record". FERC requires the logging and auditing of transaction-related information.
Telecom	Federal Communications Commission (FCC)	Extensive record keeping and storage requirements. Supervision and index of books and records required.
Investment Services (Europe)	Financial Services Authority (FSA)	Markets in Financial Instruments Directive (MiFID): IM is required to be recorded when orders are received over this electronic communication medium. Data must be stored for a three year period in a format readily accessibly by the FSA, and it must not be possible to alter or manipulate the records.

Defense in Depth

Only FaceTime offers a complete Defense in Depth approach for end-to-end management, security and compliance of IM for regulated companies. The Defense in Depth approach includes two key components:

IMAuditor in the LAN to enable user policy management, hygiene (anti-spIM, anti-virus), regulatory and corporate compliance, archiving and logging, and identity management.

RTG in the LAN or the corporate DMZ to guard against sophisticated workarounds and ensure compliant and authorized use.