Blockchain & Data Regulation
• Commander and Lieutenant Method: In this method, there's a leader (the commander)
who sends orders to several lieutenants. The commander collects the responses from all
lieutenants and makes a decision based on the majority response. It's like a general
directing multiple officers and making a choice based on what most of them agree on.
• Unforgeable Signatures: Imagine a scenario where each message sent has a special,
unique signature attached to it. These signatures are like personalized stamps that only
the authorized sender possesses. When a message arrives, everyone can verify if it's
genuine by checking the sender's signature. If the signature matches the expected one,
the message is considered authentic and unaltered.
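The signature check described above, as an added example that is not part of the original document. The page names no signature scheme, so this sketch assumes a Lamport one-time hash-based signature built from SHA-256; every function name and the sample orders are this example's own.

```python
import hashlib
import secrets

N = 256  # one secret pair per bit of the SHA-256 digest of the order

def H(data):
    return hashlib.sha256(data).digest()

def digest_bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(N)]

def keygen():
    """Commander's key pair. The public half is handed to every lieutenant."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def sign(sk, msg):
    """Reveal one secret per digest bit. A key pair must sign only ONE order."""
    return [sk[i][b] for i, b in enumerate(digest_bits(msg))]

def verify(pk, msg, sig):
    """Anyone holding pk can check the order; no secret is needed."""
    bits = digest_bits(msg)
    return len(sig) == N and all(H(sig[i]) == pk[i][bits[i]] for i in range(N))

def accept_relays(pk, relays):
    """Keep only relayed orders whose commander signature verifies."""
    return [order for order, sig in relays if verify(pk, order, sig)]

def run_round():
    sk, pk = keygen()
    order = b"attack"                        # constructed sample order
    sig = sign(sk, order)
    relays = [                               # constructed sample relays
        (order, sig),                        # forwarded unchanged
        (b"retreat", sig),                   # order altered, old signature reused
        (order, sig[:-1] + [b"\x00" * 32]),  # signature damaged in transit
    ]
    return accept_relays(pk, relays)

if __name__ == "__main__":
    print(run_round())
```

Only the unchanged relay survives verification, so a receiver never has to trust the messenger, only the commander's public key.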
Data regulations & security
• Standards and Regulations: These are guidelines and rules that define how data
should be handled, stored, and protected. They're necessary to ensure data is secure
and handled responsibly. For example, PCI DSS (Payment Card Industry Data Security
Standard), HIPAA (Health Insurance Portability and Accountability Act), and GDPR
(General Data Protection Regulation) are some regulatory frameworks ensuring data
security in specific sectors.
• HIPAA protects health information, PCI DSS secures cardholder data, GDPR safeguards personal data,
and others like NIST 800-53, ISO 27001, and Sri Lanka's Personal Data Protection Act regulate data
handling.
HIPAA (Health Insurance Portability and Accountability Act) and GDPR (General Data Protection Regulation):
• Purpose:
  • HIPAA: Specifically focuses on safeguarding Protected Health Information (PHI) within the healthcare industry
  in the United States.
  • GDPR: Aimed at protecting personal data and privacy rights of individuals within the European Union (EU) and
  European Economic Area (EEA).
• Scope:
  • HIPAA: Targets healthcare-related data and applies primarily to healthcare providers, health plans, and
  healthcare clearinghouses.
  • GDPR: Covers all industries and organizations that handle personal data of EU/EEA residents, extending beyond
  healthcare.
• Geographical Reach:
  • HIPAA: Primarily applies within the United States.
  • GDPR: Specifically governs the processing of personal data within the EU/EEA but has global implications for
  organizations handling EU/EEA residents' data.
• Data Types:
  • HIPAA: Primarily focused on health-related data (PHI and ePHI).
  • GDPR: Covers a broader range of personal data.
• Enforcement and Penalties: Both regulations have strict penalties for non-compliance, but GDPR penalties can be
significantly higher.