Regulatory Compliance, Governance and Security:

MN PCI DSS

Jan 29 2009   1:09PM GMT

California Security Breach Information Act (SB-1386) | What You Need to Know.



Posted by: Charles Denyer
California SB-1386, MN plastic card security act, MN PCI DSS, SAS 70, California Security Breach Information Act (SB-1386), HIPAA, GLBA, Gramm Leach Bliley

In short, the California Security Breach Information Act (SB-1386) is a California state law requiring organizations that maintain personal information about individuals to inform those individuals if the security of their information has been breached or compromised. Thus, the Act stipulates that if there’s a security breach of a database containing personal data, the responsible entity must notify each and every individual for whom it maintained the information. The Act, which went into effect July 1, 2003, was created to help stem the alarming growth of identity theft, which has many consumers on edge and frightened about the protection of their personal data.

Here’s what’s important to grasp from a regulatory compliance perspective. California SB-1386 represents a trend that is sweeping the nation and will only continue to grow as concerns for the security of confidential information become more paramount. Gov. Tim Pawlenty signed the MN Plastic Card Security Act, essentially codifying parts of the Payment Card Industry Data Security Standards (PCI DSS) into law.

Auditors need to be aware of these rules and regulations and the overall impact they can have on an audit, be it a SAS 70 audit, a HIPAA or GLBA audit, or even a PCI DSS assessment.

Jan 17 2009   12:21AM GMT

Payment Card Industry Data Security Standards | PCI DSS | It’s the LAW in Minnesota



Posted by: Charles Denyer
The Minnesota Plastic Card Security Act, MN PCI DSS, PCI DSS, Payment Card Industry Data Security Standards MN, Gov. Tim Pawlenty and PCI DSS, merchants, service providers

The Minnesota Plastic Card Security Act, signed by MN Governor Tim Pawlenty, essentially has codified various parts of the Payment Card Industry Data Security Standards (PCI DSS) into law. What’s interesting to note is not so much the specifics of what the law actually has to say, but rather that it is a sign of a growing trend that is sweeping the nation in many states. Texas and California also have PCI DSS on their minds, as witnessed by recent legislative attempts in these two states to take action on the PCI standards. This, essentially, is a sign of the times, as individuals and businesses alike are demanding more security in today’s heightened technology world. The dollar amount being processed by payment cards (debit, credit and gift cards) is absolutely staggering and will only continue to rise in the coming years. The PCI DSS standards, which evolved out of the former VISA CISP data security standards, are here to stay and will only grow over time. As a PCI-QSA, my advice to merchants and service providers who have to become PCI DSS compliant: learn all you can about the PCI DSS standards and how they ultimately affect your organization. Remember, knowledge is power.