Blogs

Showing Blog Posts: 41–50 of 72 tagged Compliance

  • Another Reason to Have a Security Policy – Your Customer Demands It

    by Stephen Wu on August 25, 2011

    I am always interested to see the dialogue on the listserv of the Information Security Committee (ISC) of the American Bar Association Section of Science & Technology Law. As a former Co-Chair of the ISC and Immediate Past Chair of the Section, I like to see people sharing ideas, tips, and useful documents, such as forms and checklists, that help people do their jobs. One of the recent posts on the…

  • Apple’s iCloud Will Change How We Do eDiscovery

    by Stephen Wu on July 4, 2011

    In June 2011, Apple unveiled its new iCloud service, with the company promoting the next step in moving away from PC-based computing towards a cloud-centric model of computing. Apple’s iCloud service syncs data among devices, supports automatic data backup, and support third party applications which, over time, will presumably permit a wide range of data uses and sharing. Apple’s new service…

  • Is the oil industry due for a little cyber security attention?

    by Gib Sorebo on June 1, 2010

    The legal profession is often seen as having the rather dubious distinction of seeking to profit at the misfortunes of others or, more simply, of being ambulance chasers. As law graduate myself, I don’t dispute that many practicing lawyers get rather aggressive around accident sites. Nonetheless, much of the profession’s bad name derives instead from the highly valuable function they perform, …

  • Books from SAP Press

    by Ben Rothke on May 25, 2010

    I recently came upon SAP Press, an imprint that seems somewhat new. They focus on titles around SAP and NetWeaver. They have a number of books on risk and compliance – see http://www.sap-press.com/categories/Governance%2C-Risk%2C-and-Compliance, which seems to be of value for anyone needed to secure or audit an SAP environment. There does not seem to be any titles specifically around SAP security;…

  • New Mississippi Breach Notification Law

    by Stephen Wu on May 15, 2010

    On April 7, 2010, Mississippi became the 46th state in the U.S. to enact breach notification legislation when the governor signed H.B. 583. The Mississippi House passed the legislation in January, and the Mississippi Senate amended and passed a version of H.B. 583 in March. The legislation covers businesses holding the personal information of Mississippi residents. For a copy of Mississippi H.B. …

  • California Information Security Legislative Update

    by Stephen Wu on May 5, 2010

    Last year, California addressed the disposal of personal information by enacting AB 1094, which provides a safe harbor for storage companies or landlords when they end up with others’ records containing personal information. Governor Schwarzenegger, however, vetoed legislation, SB 20, to enhance the state’sbreach notification law to require notification to the California AttorneyGeneral, in…

  • North Carolina's Amendment to its Breach Notification Law

    by Stephen Wu on April 17, 2010

    Although almost all the states have some form of breach notification law, the legislative process regarding breach notification has not reached an end. Some states are changing their breach notification laws in an effort to enhance their protections. Last July, North Carolina enacted S.B. 1017, which amends the state’s breach notification law. N.C. Gen. Stat. § 75-65. Click here for a copy of S.B. …

  • Missouri's Breach Notification Law

    by Stephen Wu on April 13, 2010

    Missouri became the 45th state to enact a breach notification law. Mo. Rev. Stat. §§ 407.1500.1-407.1500.4. Missouri’s governor signed the enabling legislation, H.B. 62, into law last July. It went into effect last August 28. For a copy of H.B. 62, click here. H.B. 62 covers “personal information” consisting of a name in combination with a driver’s license number, Social Security number, or…

  • Montana's Amendments to Its Breach Notification Law

    by Stephen Wu on April 7, 2010

    Last April, Montana added a public sector breach notification requirement to its existing private sector breach notification law. Mont. Code Ann. § 30-14-1704. The new law, enacted as H.B. 155, went into effect on October 1, 2009. It applies to “state agencies,” and creates a breach notification requirement for agencies maintaining data containing personal information. For a copy of H.B. 155, …

  • Washington's New PCI-Based Card Reissuance Liability Law

    by Stephen Wu on March 27, 2010

    On March 22, 2010, Washington’s governor signed a new law that holds businesses and card processors liable for the cost of reissuing cards following a security breach caused by their negligence. The legislation, H.B. 1149, goes into effect on July 1, 2010. H.B. 1149 § 3 (2010). For a copy of H.B. 1149, click here. Covered businesses are those that process more than 6 million card transactions a…

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 26 Jul 2014 05:08:34 -0400.
© 2014 EMC Corporation. All rights reserved.