Blogs

Showing Blog Posts: 31–40 of 77 tagged Compliance

  • California Legislation Adds New Employer Records Management Requirements

    by Stephen Wu on January 13, 2013

    California companies must keep track of records and information management (RIM) requirements for the generation, retention, and disclosure of various records. It is difficult to keep track of all of them. Consequently, it makes sense to devote resources, whether internal or an external consulting firm, to match requirements to the types of records that they use. Last year, a trio of new pieces…

  • New Illinois Social Media Privacy Law

    by Stephen Wu on November 12, 2012

    On January 1, 2013, new Illinois legislation will go into effect, which will limit employers' ability to gain access to employees' or job candidates' social media content. The legislation, HB3782, bars employers from requesting or requiring any employee or prospective employee to provide a password or related social networking account information. After news reports early this year talked about…

  • PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance - 3rd edition

    by Ben Rothke on October 22, 2012

    PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance is now out in its 3 rd edition. My review of the 2 nd edition is here. While much of PCI has pretty much stayed the same; in the two years since the 2 nd edition came out, the PCI DSS standard itself has moved from version 1.2 to 2.0. Like the other editions of the book, it provides a comprehensive and clear…

  • New California Social Media Privacy Legislation

    by Stephen Wu on October 8, 2012

    On September 27, 2012, California Governor Jerry Brown signed two pieces of legislation intended to protect the privacy of social media accounts. The first, AB 1844, covers employees, and the second, SB 1349, covers students at postsecondary educational institutions. I wrote an earlier post about how some employers are demanding that employment applicants give them their Facebook user names and…

  • New Amendments to the Vermont Breach Notification Law

    by Stephen Wu on September 10, 2012

    Vermont recently amended its security breach notification law with a number of changes. Included in the amendment are changes to the definition of "security breach," guidance on determining whether a breach has occurred, a 45-day deadline for notification, and a requirement of notifying the attorney general of a breach. The legislation, H.254, became Act 109 following the governor's signature. For…

  • Smart Cars and eDiscovery

    by Stephen Wu on August 16, 2012

    I heard an interesting radio show on NPR the other day. Auto manufacturers are rolling out the next generation of cars that try to implement the lessons the phone manufacturers learned from Apple, Google, and others. Let's put screens on cars, and give them apps, they say. Let's do for the car what iOS and Android did for phones and tablets. Cars dashboards should have apps, just like any other…

  • Ally's Picks - Garage Sale Forensics

    by Ally Lorentson Dunn on August 14, 2012

    One of the most interesting sessions I attended at the conference this year was Mike Wright's presentation on the proper way to destroy your devices. In this session Mike outlines how he was able to obtain dozens of data storage devices from garage sales and thrift stores and upon looking at what was left on them, found a shocking amount of information. His favorite methods for properly disposing…

  • Connecticut Adds AG Reporting to its Breach Notification Law

    by Stephen Wu on July 1, 2012

    On June 15, 2012, Connecticut Governor Dan Malloy signed House Bill 6001, legislation to implement provisions of the state budget for the 2012-2013 fiscal year. Included in the legislation was a series of amendments to Connecticut’s breach notification law. The most significant set of amendments to the breach notification law added a requirement to report breaches to the Connecticut Attorney…

  • Social Media Privacy Legislation Update

    by Stephen Wu on May 30, 2012

    Back in March, I wrote about new legislation at the state level that would prohibit employers from asking job applicants for their social media user names and passwords. Legislatures in eleven states have introduced social media privacy bills, and in one state, Maryland, one of the bills has become law. The idea behind these laws is that when employers demand that a job applicant disclose his or…

  • First Criminal Case in BP Oil Spill Based on Spoliation

    by Stephen Wu on April 25, 2012

    Yesterday, the first criminal charges in the BP oil spill disaster were unveiled, as the government arrested and charged BP engineer Kurt Mix with obstruction of justice. What was the crime charged? The government charged Mix with obstruction of justice based on Mix allegedly deleting text messages from his iPhone. In other words, the first criminal case in the BP disaster had to do with…

This document was retrieved from http://www.rsaconference.com/blogs on Thu, 23 Oct 2014 01:55:55 -0400.
© 2014 EMC Corporation. All rights reserved.