IT Compliance Advisor:

May, 2009

May 29, 2009  4:21 PM

White House releases cybersecurity report on cyberspace policy

Posted by: GuyPardon
cybersecurity, Government, Melissa Hathaway, National security, Technology, United States Department of Homeland Security, White House

Earlier today, the White House released a long-awaited cybersecurity report, including a video (below) featuring commentary and perspective from officials and experts: [kml_flashembed...

May 27, 2009  4:51 PM

Zero liability limits legal recourse for PCI data breach violations

Posted by: Scot Petersen
compliance, credit card, data breach, Hannaford, Heartland, PCI, podcast

May 21, 2009  4:11 PM

Watch that carbon footprint: Running a sustainable business

Posted by: Scot Petersen
Al Gore, carbon, compliance, sustainability

Get used to it. Regardless of what you may think about Al Gore or climate change, if you are running a business you are going to have to start paying attention to your carbon footprint. Governments and businesses around the world already think quite a bit about it. Tough, enforceable regulations...

May 18, 2009  4:51 PM

What will compliance with the Massachusetts data protection act mean?

Posted by: GuyPardon
201CMR17, data protection, Information privacy, Law, MA data protection law, Massachusetts, Massachusetts Senate, privacy, regulatory compliance, Security

A bill being discussed in the Massachusetts Senate proposes major changes to MA GL 93H, the Data Breach Notification Act. These changes could in turn result in revisions to

May 18, 2009  12:58 PM

Podcast: OWASP’s Hess on security and compliance in the cloud

Posted by: GuyPardon
Application security, Chief information security officer, cloud compliance, Cloud computing, compliance, Health care, OWASP, podcast, Security

Georg HessToday’s episode features an interview with Georg...

May 11, 2009  3:35 PM

Understanding the risk of penalties for violating data privacy laws

Posted by: SarahCortes
compliance, data privacy, Electronic Communications Privacy Act, Foreign Intelligence Surveillance Act, FTC, Health Insurance Portability and Accountability Act, laws, privacy, regulations, regulatory compliance, Sarbanes-Oxley Act, United States Department of Health and Human Services, USA Patriot Act

The "Massachusetts Data Privacy Law? We call it 'the toothless wonder,'" laughed one smug senior technology executive from a prominent high-tech firm at a MIT industry gathering April 30 in Cambridge, Mass. But not everyone is laughing. In April 2008,

May 6, 2009  4:32 PM

Red Flags Rule delay reveals troubling pattern developing

Posted by: Scot Petersen
data leakage, data protection, FTC, MA data protection law, PCI, Red Flag Rule

May 1 passed without the raising of the Red Flags: The Federal Trade Commission announced a delay in the enforcement of the Red Flags Rule, which requires companies to come up with programs to detect and...

May 6, 2009  11:16 AM

New on our compliance blogroll: Think Privacy

Posted by: GuyPardon
Blogroll, Cloud computing, compliance, Federal Trade Commission, identity theft, privacy, Red flag, Red Flag Rule, Security

We noticed a new blogger joined ITKE this May Day: Matthew Barach, Esq. CIPP/G.

As his bio notes, Barach, is the founder of

May 5, 2009  6:03 PM

A certified security professional is not a compliance guarantee

Posted by: Scot Petersen
certifications, compliance, cybersecurity, DHS, DoD, forensics, ICE, licensing, NSA

Compliance and security consultant and TechTarget contributor Kevin Beaver checked in about the Cybersecurity Act of 2009, aka the kill-switch bill. He agrees with some other experts I've talked...

May 5, 2009  12:37 PM

Podcast: HITECH Act adds new compliance requirements, penalties

Posted by: GuyPardon
compliance, Google, Health care, Health Information Technology for Economic and Clinical Health, Health Insurance Portability and Accountability Act, HITECH Act, Information security, Information technology, podcast, Security

Rebecca HeroldThe

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: