-
Legislation aims to expand breach notification obligations
Posted on February 1st, 2011 No commentsIn the past two months, lawmakers in Virginia, Oregon and California have introduced legislation that would expand the scope of certain security breach notification requirements.
See the article here:
Legislation aims to expand breach notification obligations -
FTC's Red Flags Rule Slated to Take Effect – Congress Tries Another Fix
Posted on November 28th, 2010 No commentsIn the latest legislative initiative, on November 17, 2010, representatives Adler (D-NJ), Broun (R-GA) and Simpson (R-IN) advanced a bill (HR 6420) that seeks to limit the scope of the FTC’s Red Flags Rule by amending the Fair Credit Reporting Act’s (FRCA’s) definition of “creditor.”
See the article here:
FTC's Red Flags Rule Slated to Take Effect – Congress Tries Another Fix -
ID Theft Red Flags Rule: Agencies Release FAQs
Posted on June 11th, 2009 No commentsNew Document Tackles Scope, Definitions and Other Common Issues Found During Red Flags ExamsThe federal banking regulators and the Federal Trade Commission today issued a set of frequently asked questions (FAQs) to help financial institutions and other businesses comply with the ID Theft Red Flags Rule.
See original here:
ID Theft Red Flags Rule: Agencies Release FAQs -
PCI Service Provider Contracting
Posted on June 11th, 2009 No commentsAs an attorney focusing on information security and privacy issues, I often get called in to assist companies to understand their legal liability risk around the PCI (self) regulatory system. One of the key areas I get involved in is service provider relationships, and in particular section 12.8 of PCI and service provider contracts. There are many aspects of 12.8 (and its subsections) that are potentially ambiguous and open to interpretation, but this particular article is not going to focus on those
Continue reading here:
PCI Service Provider Contracting
Recent Comments