Archive for the ‘Laws & Regulations’ Category

SEC Approved Multiple Compliance Guidance and Rules Documents For SOX, SMBs and Credit Rating Agencies

Thursday, May 24th, 2007

Yesterday the U.S. Securities and Exchange Commission (SEC) approved new guidance documents for SOX Section 404 compliance, modernization of smaller company capital-raising and disclosure requirements, and voted to adopt final rules to implement the Credit Rating Agency Reform Act of 2006.

(more…)

Inefficient Compliance Activities Cost $$: Survey Says SOX Compliance Costs Were Down In 2006, But They Should Have Been Down More

Wednesday, May 23rd, 2007

On May 16 Financial Executives International (FEI) announced the results of their sixth Sarbanes-Oxley (SOX) compliance survey, based upon a poll of 200 companies subject to SOX. They’ll charge you $99 for the report if you aren’t an FEI member.
However, they give you some teasers on their site:

(more…)

Many New U.S. State and Federal Privacy Bills Introduced, and Some New State Data Protection Laws Signed

Monday, May 21st, 2007

Boy oh boy, do we ever need a comprehensive federal data protection law in the U.S.! Each week more and more state level laws are introduced, many of them passed, all dealing with different aspects of data protection, and all impacting and complicating an information security and privacy professional’s responsibilities.
This past week was a busy one with a flurry of new and updated bills related to protecting privacy introduced, and a few new state laws.

(more…)

Social Engineering & the Need for Awareness & Training: Fraudsters Are Calling Businesses Pretending to Be SEC Staff Members

Monday, May 14th, 2007

Another example of a social engineering scam, and another example of why awareness and training are so important for safeguarding information…
On May 10th the U.S. Securities and Exchange Commission (SEC) issued a press release warning that imposters were calling companies, claiming to be SEC examiners, and demanding “immediate access to confidential records.”

(more…)

The Importance of Policies…Breathalyzer = Drug Test = Physical Search = 4th Amendment Violation?: Iowa High School Students Given Breathalyzer Tests at the Prom

Thursday, May 10th, 2007

I’m always interested in reading about information security and privacy issues reported here in the heartland.
A story in my local daily paper, the Des Moines Register, caught my eye and filled my thoughts today, and it points out, among other things, the importance of having policies and communicating them.

(more…)

Two U.S. Federal Data Protection Bills Approved: One May Actually Make It Through

Wednesday, May 9th, 2007

It looks like we may actually get a federal data protection law that includes breach notice requirements this year. Such a law is long overdue, not only to protect personally identifiable information (PII), but also to help businesses resolve the growing headaches involved in trying to comply with at least 36 state breach notice laws, dozens of other state-level data protection and credit freeze laws, and multiple industry-specific data protection laws.

(more…)

Deadline is Today for Submitting Comments to the DHS About Draft REAL ID Rules

Tuesday, May 8th, 2007

The Department of Homeland Security (DHS) published draft rules regarding REAL ID. Comments are due by 5:00 PM Eastern Time *TODAY*.

(more…)

France Fines Tyco Healthcare: U.S. Companies, You MUST Know and Follow International Data Protection Laws

Monday, May 7th, 2007

In April the French Data Protection Authority (CNIL) reported they had issued a $40,972 fine against a subsidiary of U.S.-based Tyco Healthcare in March for inadequate storage safeguards and cross-border transfer of employee personally identifiable information (PII).

(more…)

Employee Privacy & New Credit Check Law In Washington State Impacts Employers: Joins Similar Laws In 4 Other States

Friday, May 4th, 2007

Doing background checks on potential employees, and regularly for certain positions with significant access to personally identifiable information (PII) or management capabilities, has been a growing trend in recent years. Such checks are viewed as a way to help prevent putting untrustworthy and significantly at-risk individuals into positions where they could perform malicious and/or criminal activities.

(more…)

SOX Amendment Defeated: Information security and SMBs

Tuesday, May 1st, 2007

A week ago today (April 24, 2007) the Senate defeated, in a 35 – 62 vote, an amendment that would have allowed more lax internal control requirements for small and medium sized businesses (SMBs) under the Sarbanes-Oxley Act (SOX).

(more…)