The transcript of FTC Chairman Deborah Platt Majoras’ keynote on February 6 at the RSA conference, “ID Theft and Cyber-crime: Where Thieves Victims, Industry and Government Intersect” is available on the FTC site.
I’ve often stressed how the FTC Act basically applies to all organizations of all sizes in all industries doing business in the U.S. that have been entrusted to handle personal information. Too many organizations still believe that information security privacy issues only need to be handled by healthcare or financial organizations. The FTC has made many published statements to demonstrate that all organizations had better get their act together and implement safeguards for personally identifiable information (PII). Some of the statements within Majoras’ keynote emphasize this.
Archive for the ‘Laws & Regulations’ Category
FTC: Speech Highlights Need for All Organizations To Address Information Security and Privacy & Education On These Topics
Friday, February 9th, 2007Privacy Law: Leahy & Specter File Personal Data Privacy Act of 2007 Bill
Thursday, February 8th, 2007On Tuesday, February 6, U.S. Sen. Patrick Leahy, D-Vt., and Sen. Arlen Specter, R-Pa., filed legislation,the Personal Data Privacy Act of 2007, that would, among other things, require organizations to notify consumers of security breaches as well as mandate the adoption of internal policies to protect personal data. This bill is generally the same as the bill Leahy proposed in 2005 and then again in 2006.
Privacy Breach: Bank in UK Sends Personal Data of 75,000 Customers to 1 Customer Requesting Her Own Statement
Wednesday, February 7th, 2007The Halifax Bank of Scotland sent the complete account information for 75,000 of their customers to one customer who had requested a copy of her own statement.
Software Licensing: Free Tools from the BSA & 10 Steps To Compliance
Tuesday, February 6th, 2007I saw an article published on February 1, “United States: 10 Simple Steps To Ensure Software Licensing Compliance.”
Software Licensing: Free Tools from the BSA & 10 Steps To Compliance
Tuesday, February 6th, 2007I saw an article published on February 1, “United States: 10 Simple Steps To Ensure Software Licensing Compliance.”
HIPAA: Congressional and GAO Reports Say HHS Needs To Make Changes To Protect Patient Privacy
Monday, February 5th, 2007According to a congressional testimony report posted February 1, “Private Health Records: Privacy Implications of the Federal Government’s Health Information Technology Initiative,” the Department of Health and Human Services (HHS) needs to do more to address privacy and security concerns connected with the new technology.
Here is an excerpt from the testimony statement of Senator Daniel K. Akaka:
PCI DSS and GLBA Compliance & Privacy Breach: Lawsuits Filed Against TJX
Sunday, February 4th, 2007Let’s look at the events that have occurred with the recent TJX computer hack and resulting privacy breach and identity thefts:
CAN-SPAM Violation: TJ Web Productions Must Pay $465,000 Fine And Perform Additional Actions for 5 Years
Wednesday, January 31st, 2007Yesterday the U.S. FTC and Department of Justice jointly announced a $465,000 penalty against TJ Web Productions for violating the CAN-SPAM Act.
CAN-SPAM Violation: TJ Web Productions Must Pay $465,000 Fine And Perform Additional Actions for 5 Years
Wednesday, January 31st, 2007Yesterday the U.S. FTC and Department of Justice jointly announced a $465,000 penalty against TJ Web Productions for violating the CAN-SPAM Act.
Puget Sound Energy Ordered to Pay $995,000 For Selling Customer Personal Information
Tuesday, January 30th, 2007Puget Sound Energy, Washington state’s largest electricity and natural gas utility, with over 1 million customers in 11 western Washington counties, was ordered to pay a total of $995,000 in fines for selling their customer information to marketing companies over a five year period. Only 18,992 of the transferred calls during the five years of the marketing program–from November 2001 to March 2006–were subject to penalties because of a two-year statute of limitations, according to the commission statement.
