Articles on Privacy and Security Laws and Regulations

In this article Mahmood Sher-Jan and I discuss how to employ effective metrics to comply with health care regulations.

This paper, published by Oxford University Press, discusses the need for privacy and security programs to collaborate.

After performing many BA security and privacy program reviews, I identified 10 common indicators of serious problems with BA information security and privacy programs. Does your company have any of these problems?

This document contains a list of U.S. breach notification laws and the date in which they go into effect.
The list was updated on April 15, 2010

There are four common misconceptions about breach notice laws. Do you know what they are?

See the trends of non-compliance to HIPAA, especially in a weak economy.

To help you justify business partner reviews, this article cites specific laws and contractual requirements that mandate such reviews.

This article discusses the ramifications of the USA Patriot Act and advice on determining the affects on your organization.

This article discusses the act and highlights some of the act's requirements. For example, did you consider that children should be able to understand the required Privacy Notice?

This article gives advice on complying with the California state law that helps reduce identity theft. Remember, the law could affect an organization that has a customer in that state.

This article covers record retention that is required by many regulations.

This article discusses concerns and myths of security and privacy regulatory compliance of small and medium sized business. Links to tools to help these businesses protect their information resources are provided.

Is your organization prepared for e-discovery? Odds are it is not. Read an introduction to e-Discovery requirements and how to comply with the rules.