Compliance Regulations

Compliance

Our BreezN software is hosted on the Microsoft Azure Cloud, which allows you to scale globally while relying on industry-leading data security systems to meet compliance regulations.

How to Meet Compliance Regulations with Visitor Management

Meeting compliance requirements shouldn’t be a burden for your organization, and we help you meet those requirements with our visitor management system. We have experience working with organizations throughout various industries, and we understand the different challenges and needs each specific industry faces when meeting these requirements. Our visitor management software, BreezN, helps businesses mitigate security risks and avoid fines.

General Data Protection Regulation (GDPR)

The European Union’s General Data Protection Regulation (EU GDPR) was created to regulate how companies protect EU citizens’ personal data and to replace the current Data Protection Directive 95/46/EC.

 

Organizations that operate within the EU or that process EU citizens’ data must make sure they adapt to the new Regulation and become compliant, or they will be subject to stiff penalties and fines.

 

GDPR requirements apply to each member state of the European Union, aiming to create more consistent protection of consumer and personal data across EU nations. Some of the key privacy and data protection requirements of the GDPR include:

 

  • Requiring the consent of subjects for data processing

  • Anonymizing collected data to protect privacy

  • Providing data breach notifications

  • Safely handling the transfer of data across borders

  • Requiring certain companies to appoint a data protection officer to oversee GDPR compliance

 

Our cloud-based visitor management software, BreezN, helps companies protect and manage personal data effectively. Veristream offers a platform that is secure and reliable when it comes to data processing and procedures, data management, and customizability. Your organization gains more control and a modern approach to complying with this regulation.

 

 

How does Veristream help your company?

  • Data Transparency: Let visitors know what data is processed, why you’re capturing the data, and whether you intend to share it with anyone.

  • Data Processing: Different visitor roles can limit and determine what data is collected, and customizable user roles prevent unauthorized access to visitor data.

  • Data Exports: Data can easily be organized, sorted, and exported at any time in order to provide a visitor with records of their personal data collected.

  • Data Deletion: Our BreezN software has a “right to be forgotten/delete identifiable information” button built right into the dashboard.

  • Data Storage: Every customer gets their own isolated, unique BreezN environment built in the Azure Cloud. 

  • Data Encryption: All data is encrypted in motion and at rest. Moving data is encrypted with TLS 1.2, and data at rest is encrypted using 256-bit AES encryption.

  • Breach Notification: In the unlikely event there is a data breach, you can quickly notify all of your visitors.

 

Read more about GDPR 

https://eugdpr.org/the-regulation/

 

 

Health Insurance Portability and Accountability Act (HIPAA)

The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for sensitive patient data protection. Companies that deal with protected health information (PHI) must have physical, network, and process security measures in place and follow them to ensure HIPAA compliance.

 

 

How does Veristream help your company?

 

  • Limit facility access

  • Security alerts if an unauthorized visitor attempts to access your facility

  • Screen visitors against internal and/or government issued watchlists 

  • Authenticated and encrypted data

  • All data is encrypted in motion and at rest. Moving data is encrypted with TLS 1.2, and data at rest is encrypted using 256-bit AES encryption.

  • Protect electronic systems, equipment, and data

  • In the unlikely event there is a data breach, you can quickly notify all of your visitors within the 60-day window required by HIPAA

  • Verify a visitor’s identity with ID scanning

  • Photo printed on visitor badge

 

Read more about HIPAA

https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/index.html

 

 

International Traffic in Arms Regulations (ITAR) 

The International Traffic in Arms Regulations (ITAR) are a set of export control laws intended to prevent sensitive information from getting into the hands of foreign nationals. All manufacturers, exporters, and brokers of defense articles, defense services, and related technical data are required to be ITAR compliant or ITAR certified.

 

 

How does Veristream help your company?

 

  • Verify whether visitors are, or are not, U.S. citizens

  • Sign documents like a non-disclosure agreement (NDA), a technology control plan (TCP) briefing, etc.

  • Keep a record of everyone who enters the facility

  • Customize what visitor data is captured based on visitor types

    • Include country of origin or citizenship on the badge

    • Host name and/or room number

    • Include whether an escort is required 

  • Verify a visitor’s identity with ID scanning, and print a photo on their badge

  • Instant, automatic host notifications

  • Reduce cost and errors

  • Meet due diligence requirements

  • Security alerts if an unauthorized visitor attempts to access your facility

 

 

These features also support compliance with the Export Administration Regulations (EAR). EAR controls the export of “dual-use” items, i.e., goods and related technology designed for commercial purposes but which could have military applications, such as computers, aircraft, and pathogens. The Commerce Control List (CCL) of controlled items covers the following ten categories:

 

  1. Nuclear Materials, Facilities and Equipment, and Miscellaneous

  2. Materials, Chemicals, Microorganisms, and Toxins

  3. Materials Processing

  4. Electronics

  5. Computers

  6. Telecommunications and Information Security 

  7. Lasers and Sensors

  8. Navigation and Avionics

  9. Marine

  10. Propulsion Systems, Space Vehicles, and Related Equipment

 

 

Read more about EAR

https://www.bis.doc.gov/index.php/regulations/export-administration-regulations-ear

 

 

Read more about ITAR

https://www.pmddtc.state.gov/?id=ddtc_kb_article_page&sys_id=4f06583fdb78d300d0a370131f961913

 

Customs-Trade Partnership Against Terrorism (C-TPAT)

C-TPAT, or the Customs-Trade Partnership Against Terrorism, is a U.S. Customs and Border Protection program that ensures the safety of all goods entering the United States. C-TPAT is like TSA PreCheck for containers arriving in the U.S. from foreign suppliers. A voluntary program, C-TPAT holds importers responsible for implementing best practices for security across their supply chain to avoid running into any problems when products arrive at the border.

 

C-TPAT involves several processes, but its foundation is visitor management. Required best practices include taking photos of all visitors, issuing ID badges, and keeping records in a visitor database: exactly what a compliance-friendly visitor management system is designed to do.

 

 

How does Veristream help your company?

 

  • Verify a visitor’s identity with ID scanning

  • Photo printed on visitor badge

  • Database of visitor records

  • Security alerts if an unauthorized visitor attempts to access your facility

  • Screen visitors against internal and/or government issued watchlists 

  • E-sign NDAs or other documents

  • Printed ID badges with:

    • Photo

    • Customizable fields

  • Thermal-activated visitor ID badges featuring expiration markings

  • Instant, automatic host and/or escort notifications

 

Read more about C-TPAT

https://www.cbp.gov/sites/default/files/documents/Best%20Practices%20Pamphlet%202009.pdf

 

 
