Governments (local, state, national, and international) and industry groups set guidelines and formal rules of compliance for different types and sizes of businesses. Individual companies can also establish specific compliance rules for their partners that want to do business with them. For example, the credit card networks work together to establish the rules for proper handling of all credit card information, while the credit reporting company Experian sets its own guidelines for companies wishing to partner with it. The U.S. government introduced compliance standards for the sharing of health data through the Health Insurance Portability and Accountability Act of 1996. Business compliance standards often evolve, so companies following them must monitor the specifics carefully and regularly. Many compliance guidelines require annual audits to confirm adherence to the latest standards.
The most common types of business compliance govern the following:
Personal data - Collection, storage, and sharing of information, including tax IDs and credit card numbers
Cyber security - Efforts to prevent hacks by third parties
Financial reporting - Accounting disclosures, particularly for companies that are publicly held or planning to be in the future