IT Compliance Advisor

Dec 23 2009   2:04PM GMT

Email to the Editor: Federal data breach law needs enforcement to work



Posted by: GuyPardon
Tags:
compliance
data breach
federal data breach
Law

Earlier this month, the U.S. House of Representatives passed the Data Accountability and Trust Act, H.R. 2221, the first step toward a comprehensive national data breach notification law. As I wrote in the news story, if the U.S. Senate can reconcile the bills proposed there with the House Version, a new federal data breach standard will emerge.

At least one reader wasn’t so sure, however, that any federal data breach notification law is worth the paper it’s printed on without enforcement:

“The point never discussed with this or any other law, process or procedure is that without assertive enforcement – active, visible and without remorse – this initiative will be of no more use than any of the others currently enacted. At best, a paper tiger. At worst, a smoke-screen that protects the guilty and places the innocent at even greater risk.

The concept of burying a problem under mountains of paper (or rhetoric) has long been demonstrated to be no answer to the issues and real dangers facing today’s and tomorrow’s world.”

-Ken Bumgarner, IWWIT, U.S. Consultant, Senior Systems and Security Engineer, Information Security Department, National Information Center, Ministry of Interior, Riyadh, Kingdom of Saudi Arabia

I’ve written in the past about enforcement of data protection laws, specifically with regards to the amended Massachusetts data protection law. The enforceability of a regulation is critical to its passage and success, as are meaningful penalties. Even more important, in this writer’s opinion, is the likelihood of that enforcement.

Thanks to Mr. Bumgarner for writing in.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: