May, 2009

Watch that carbon footprint: Running a sustainable business

Get used to it. Regardless of what you may think about Al Gore or climate change, if you are running a business you are going to have to start paying attention to your carbon footprint. Governments and businesses around the world already think quite a bit about it. Tough, enforceable regulations...

What will compliance with the Massachusetts data protection act mean?

A bill being discussed in the Massachusetts Senate proposes major changes to MA GL 93H, the Data Breach Notification Act. These changes could in turn result in revisions to

Podcast: OWASP’s Hess on security and compliance in the cloud

Today’s episode features an interview with Georg...

Understanding the risk of penalties for violating data privacy laws

The "Massachusetts Data Privacy Law? We call it 'the toothless wonder,'" laughed one smug senior technology executive from a prominent high-tech firm at a MIT industry gathering April 30 in Cambridge, Mass. But not everyone is laughing. In April 2008,

Red Flags Rule delay reveals troubling pattern developing

May 1 passed without the raising of the Red Flags: The Federal Trade Commission announced a delay in the enforcement of the Red Flags Rule, which requires companies to come up with programs to detect and...

New on our compliance blogroll: Think Privacy

We noticed a new blogger joined ITKE this May Day: Matthew Barach, Esq. CIPP/G.

As his bio notes, Barach, is the founder of

A certified security professional is not a compliance guarantee

Compliance and security consultant and TechTarget contributor Kevin Beaver checked in about the Cybersecurity Act of 2009, aka the kill-switch bill. He agrees with some other experts I've talked...

Podcast: HITECH Act adds new compliance requirements, penalties

The