In this global economy it is important for you to know, understand and follow the data protection laws in all the countries where you have offices, have customers, store personally identifiable information (PII) and from where PII is accessed. Each country has nuances within their laws that could create quite a big obstacle if you are doing business there and find you must suddenly stop because you are out of compliance with their data protection laws.
Posts Tagged ‘policies and procedures’
International PII Data Transfers: New Requirements from Spain
Monday, July 30th, 2007Do You Think Privacy Is Really Dead?
Saturday, July 28th, 2007I occasionally post to the Cutter Consortium blog, and the recent topics there have involved privacy.
Retail Locations Have Unique Challenges With PCI DSS Compliance
Friday, July 27th, 2007I’ve been intrigued lately with PCI DSS compliance. It has all retailers on edge, has multiple vendors drooling, and has spawned new laws and bills, such as in Minnesota and Texas. I’ve had interesting discussions about it with those who process credit card payments, and I’ve been doing some research into the various issues.
Confusing Folks: PHR, PHI, PII, NPPI, and Dozens of Other Acronyms…It’s Still All Personal Information
Wednesday, July 25th, 2007I really enjoy reading survey results. I can’t help myself. Whether the surveys are well-done, sloppy, long, short, statistically accurate or obviously statistically invalid, I still find them interesting. Especially when they cover what the general public and non-IT/non-infosec person thinks or knows about information security and privacy, or some industry-specific issue.
Privacy Initiatives Sincere Or Marketing Ploy?
Tuesday, July 24th, 2007PCI DSS and Identity Theft
Monday, July 23rd, 2007Over the past month or so I’ve been discussing the Payment Card Industry (PCI) Data Security Standards (DSS) with some of my information assurance practitioner friends and colleagues and what they’ve been doing to meet the requirements and accompanying challenges. I was thinking about some of the issues over the weekend.
Insider Threat Example: Payroll Employee Threatens To Illegally Use Other Employees’ PII If Not Given a Good Review
Sunday, July 22nd, 2007Here’s another example of the insider threat similar to situations that I’ve heard of happening many times throughout the years through conversations with folks at conferences and other professional meetings.
Did You Know This About U.S. Bank Check Processing Compliance?
Friday, July 20th, 2007I’m thankful to be able to have my own company of one to do what I enjoy so much with information security, privacy and compliance. I am also an active part of managing the farm business for my family. With these two businesses comes A LOT of paperwork, along with checks that must regularly be sent in to various government agencies.
Norman Borlaug: A Great Role Model for the Power of One
Thursday, July 19th, 2007I have heard many information assurance (IA) professionals, when they are feeling frustrated, angry, or whatever other negative feelings we all have at one time or another, say what they are doing is not making a difference, or say they feel they are looked down upon by others in their organization as a “necessary evil.” They often feel that one person cannot make a difference.
