IT Compliance Advisor:



October 27, 2009  7:43 PM

Schwarzenegger vetoes California data breach notification bill SB 20

Posted by: Scot Petersen
California Data Security and Privacy Law, data breach, encryption, Massachusetts Data Security and Privacy Law, SB 20, Schwarzenegger, Simitian

In case you missed it, California Gov. Arnold Schwarzenegger vetoed Senate Bill 20, which would have added a few more requirements to the state's existing data breach notification law. Sponsored by state...

October 7, 2009  3:54 PM

Bailey on the role of the CIO in innovation, PKI in cloud computing

Posted by: GuyPardon
Cloud computing, compliance, encryption, identity, Identity management, Public key infrastructure, Software as a service, Technology

Last week at the OASIS Identity Management Conference, Gregg “Skip” Bailey, director of technology integration for the federal practice at Deloitte, suggested that agencies looking to leverage the power and scale of

August 21, 2009  4:10 PM

Clarifying mobile encryption requirements for 201 CMR 17.00 compliance

Posted by: GuyPardon
201 CMR 17.00, business, Chief information officer, CIO, compliance, data protection, encryption, IT compliance, Mobile phone, Open source, Personally identifiable information

When I reported on amendments to the Massachusetts data protection law earlier this week, one of the comments that undersecretary of consumer affairs Barbara Anthony made was a point of interest...

August 17, 2009  9:22 PM

201 CMR 17 FAQ: Updates to Massachusetts data protection law

Posted by: GuyPardon
201CMR17, compliance, data protection, encryption, FTC, Information privacy, Information security, Personally identifiable information, privacy, Security

Earlier today, the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) issued an update to 201.CMR.17, the

July 29, 2009  9:59 PM

Government bodies’ dueling legislative answers to data protection laws

Posted by: SarahCortes
compliance, cybersecurity, Cyberspace, encryption, HR 2221, MA 201 CMR 17, White House

When it comes to data security legislation, do you prefer the perspective of the White House, Capitol Hill or Beacon Hill? This is not a trick question. While the White House refined its philosophy in the

July 29, 2009  2:27 PM

Cloud computing data security creates challenges for compliance officers

Posted by: Scot Petersen
Cloud computing, compliance, data center, encryption, podcast, risk, Security

Cloud computing is just another form of outsourcing, and like outsourcing, it comes with its own set of risks and compliance challenges. As the data center begins to disappear into the cloud, data security tops the list. But is encryption, specifically public key infrastructure, up to the task...

July 17, 2009  10:22 AM

No easy answers for complying with data protection regulations

Posted by: Scot Petersen
compliance, data protection regulations, encryption, Information security, MA 201 CMR 17

As the effective date of Jan. 1, 2010, approaches for Massachusetts’ data protection regulation, business owners and information security managers are getting a little bit edgy about compliance with MA 201 CMR...

Bookmark and Share     1 Comment     RSS Feed     Email a friend

April 22, 2009  9:56 PM

Cybersecurity is ‘a critical national interest,’ says Hathaway

Posted by: GuyPardon
Cyberspace, encryption, Melissa Hathaway, National security, Security

"It is the fundamental responsibility of our government to secure cyberspace for its citizens and the world." -- Melissa Hathaway...

March 13, 2009  8:54 PM

Coming: State privacy laws run amok

Posted by: Scot Petersen
compliance, conference, data protection, encryption, governance, MA data protection law, regulatory compliance, risk management

As business owners are preparing for the new Massachusetts data protection law, also known as 201 CMR 17: Standards for The Protection of Personal Information of Residents of the...

March 13, 2009  6:03 PM

Risk-based approach to information governance at Compliance Decisions

Posted by: GuyPardon
Capability Maturity Model Integration, compliance, conference, data protection, encryption, governance, Information security, MA data protection law, regulatory compliance, Risk assessment, risk management, Twitter, Virtualization

As I wrote yesterday, the Compliance Decisions Summit got off to a great start when Eric Holmquist and Richard Mackey considered the

  Bookmark and Share     0 Comments     RSS Feed     Email a friend


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: