IT Compliance Advisor:

August, 2009


August 28, 2009  5:01 PM

Email to the editor: ‘Data security: The missing piece of e-discovery’



Posted by: GuyPardon
compliance, cyberlaw, e-discovery

The post below is an email to the editor received from Robert DeFazio of Calabria Consulting, responding to “Data security: The missing piece of e-discovery” by Paul Roberts. The views expressed are...

August 28, 2009  1:46 PM

Information technology: Key enabler to a sustainability strategy



Posted by: Scot Petersen
ROI, ROS, strategy, sustainability, sustainable

Adam Werbach is Global CEO of Saatchi & Saatchi S, a sustainability agency, and author of a new book, Strategy for Sustainability. Werbach writes that, “sustainability initiative(s) must be core to...


August 26, 2009  3:15 PM

Twitter security hole highlights need for a social media policy today



Posted by: GuyPardon
Cross-site scripting, identity theft, Phishing, Security, Social network, Twitter

Once again, Twitter security is in the headlines. Yesterday, SEO expert Dave Naylor posted that James Slater had found a


August 25, 2009  5:29 PM

Capability and Maturity Model Creation in Information Security



Posted by: GuyPardon
CMM, compliance, Information security, Information security management system, International Organization for Standardization, Payment card industry, PCI DSS, Security

This is a guest post from Secure Payments and Chaordic Design Evangelist Michael Dahn. He blogs frequently about PCI and information security at ChaordicMind.com. Contact him there or follow @sfoak on...


August 21, 2009  4:10 PM

Clarifying mobile encryption requirements for 201 CMR 17.00 compliance



Posted by: GuyPardon
201 CMR 17.00, business, Chief information officer, CIO, compliance, data protection, encryption, IT compliance, Mobile phone, Open source, Personally identifiable information

When I reported on amendments to the Massachusetts data protection law earlier this week, one of the comments that undersecretary of consumer affairs Barbara Anthony made was a point of interest...


August 20, 2009  6:09 PM

Amended Massachusetts data protection act focuses on risk management



Posted by: SarahCortes
201 CMR 17.00, compliance, consumer protection, data protection, Federal Trade Commission, FTC, Gramm-Leach-Bliley Act, Information security, IT compliance, Massachusetts’ Data Privacy Law, privacy, regulation, risk management, Security

As Alexander Howard reported earlier today, the Massachusetts data protection law has been amended. The revised data privacy regulations -- 201 CMR 17.00, “Standards for the Protection of Personal...


August 19, 2009  9:03 PM

The impact of Stengart v Loving Care on employee online privacy



Posted by: GuyPardon
compliance, cyberlaw, Electronic Communications Privacy Act, email, online privacy, precedent, privacy, Security, social media, Stengart v Loving Care

This is a guest post from SearchCompliance.com contributor Andrew M. Baer, Esq. You can follow him at @baerbizlaw on Twitter. The Stengart v. Loving Care case...


August 18, 2009  4:53 PM

3 social media questions for compliance officers to consider



Posted by: GuyPardon
compliance, Facebook, LinkedIn, Online Communities, privacy, social media, Social network, Twitter

My recently published series on online privacy and social media compliance is resulting in some feedback from our audience, as you might imagine. Scott Crawford, managing research director for...


August 17, 2009  9:22 PM

201 CMR 17 FAQ: Updates to Massachusetts data protection law



Posted by: GuyPardon
201CMR17, compliance, data protection, encryption, FTC, Information privacy, Information security, Personally identifiable information, privacy, Security

Earlier today, the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) issued an update to 201.CMR.17, the


August 13, 2009  6:38 PM

Standards aren’t security: PCI compliance and Heartland’s data breach



Posted by: GuyPardon
compliance, Heartland Payment Systems, PCI compliance, PCI DSS, Security, standards

As of Aug. 10, the Identity Theft Resource Center had reported 333 data breaches in 2009,...

