Tuesday, January 15, 2008

Data-breach laws and business concerns

Seems like data-breach laws are getting expansive - California law now requires notification of leaked medical information.

Others, such as Massachusetts, are having a harder time convincing businesses. I do understand the challenge small businesses have - some of the security solutions they need to implement can be expensive. Howeever, the solution is not just technology. Better processes and compensating controls for small organizations will go a long way in reducing threats.

All this brings into focus the need for a national, standardized law. Our CEO, Patrick McGregor had some interesting points to make on this subject in this SC Magazine article.

No comments: