Federal and State Regulations Now Drive Electronic Data Compliance Policies
Failure to protect and destroy private information on CDs, DVDs and hard drives may have catastrophic consequences: financial loss, irreparable damage to a company’s reputation, as well as civil and criminal liability for Directors and Officers.

FEDERAL PROTECTION FOR PRIVATE DATA

Many types of information are now protected by Federal laws such as HIPAA, FACTA, Sarbanes-Oxley, and the Gramm-Leach-Bliley Act. This data is required by law to be protected from unauthorized access.

STATES MAY BE TAKING THE LEAD IN WRITING NEW REGS

In the meantime, many states are moving forward to write new legislation protecting the privacy of citizens from theft or release of private data.

In Florida, proposed House Bill HB10181 will require all state agencies and private entities that collect personal information to adhere to the procedures provided in the National Institute of Standards and Technology (NIST) “Guidelines for Media Sanitization” when destroying such information.

California legislation SB 1386, signed into law in September 2002, requires all institutions and organizations that collect certain personal information to protect it against possible “identity theft.” In addition, if an incident occurs that involves the compromise of personal information, the individuals whose personal information may have been compromised must be notified, and the designated campus authority must notify the Office of the President. IS-3 subsection IV.D describes the requirements that must be met in order to be compliant with law and UC policy.



