Posts Tagged ‘regulatory compliance’
FISA Change Gives Telecoms Immunity; Headaches Ahead For Businesses?
Thursday, July 10th, 2008
In case you didn’t hear about it yet, President Bush just signed into law changes to the U.S. Foreign Intelligence Surveillance Act (FISA) that, among other things, grant immunity to telecom companies that cooperate with the secret warrantless wiretap program.
Laws & Regulations Require Security & Privacy Training & Awareness
Wednesday, July 9th, 2008
I’m in the final weeks of creating some privacy breach training courses that will not only help personnel to prevent privacy breaches, but also help support compliance with the FACTA Red Flags rule, the at least 45 U.S. privacy breach notice laws, plus many other laws and regulations.
Over the past decade+ there have been a large number of laws, regulations and industry standards that have specifically stated the need for organizations to provide information security and privacy training and awareness to their personnel.
Information Security and Privacy Education Lesson Fines And Court Penalty Judgments
Tuesday, July 8th, 2008
My July issue of “IT Compliance in Realtime” has been published!
This month I continue to focus on the importance of information security and privacy training and awareness to not only improve security and privacy preservation, but also to meet a very wide range of compliance requirements. The first article in this month’s Journal is, “Information Security and Privacy Education Support Compliance.” Download the PDF of the full Journal issue for the formatted, best-looking version.
Here are the first couple of sections from that article…
E-Discovery Decision Demonstrates Need For Effective Retention Practices: A Great Case Study For E-Discovery Training
Monday, January 7th, 2008
I’m still catching up on December news…and I ran across a significant e-discovery ruling. The U.S. District Court for the Central District of California ruled December 13, 2007, that Justin Bunnell/www.TorrentSpy.com was guilty of “willful spoliation of evidence” violating the E-Discovery Rule in the suit Columbia Pictures, Inc. brought against them for copyright infringement.
Reading through the court records, it is really amazing how blatantly the defendant violated what seemed to be almost every e-discovery rule possible in this situation. They…
RAM Is Subject To E-Discovery Under Recent Ruling: Talk With Your Legal Counsel About The IT Issues
Friday, June 29th, 2007
Late last year I blogged about the new E-Discovery Rule that took effect on December 1, 2006.
I wrote “The Business Leader Data Retention and E-Discovery Primer” discussing the issues, and I also wrote an article discussing the e-discovery issues for which IT must be involved, “E-Discovery Quagmires.”
Does Using “Certified” Software Products Improve Compliance?
Thursday, May 17th, 2007
It seems the term “certified” is being used more and more…for professionals, hardware, software, you name it.
You see software vendors touting that their products have been certified and that they will help companies meet “compliance,” but I have found very little research into what this really means, or if it means anything at all.
Reducing Attack Exposure for Internet-Facing Applications
Thursday, May 3rd, 2007
Yesterday the Channel 12 news in Jackson, Mississippi reported a Kennesaw, Georgia business had its Internet-facing computer system hacked. That business’s application is “now generating thousands of counterfeit messages to businesses and consumers, purporting to be a complaint filed with the BBB.”
New Study: More Confirmation That Spam Costs Businesses Significant $$
Wednesday, May 2nd, 2007
On April 2 Nucleus Research, Inc. released a study, “Spam: The Repeat Offender” which reports that, according to a survey of 849 email users, 90% of all email going into company networks is spam, and 66% of spam gets through corporate filters.