|
|
| Welcome to Realtime IT Compliance!
|
 |
|
Some SEO companies base their numbers on the amount of time it takes to perform initial and ongoing services per page. Definitely ask the SEO Company that you're courting if they practice these sorts of tactics. Be sure to ask the SEO companies that you are talking with if they understand that these practices could get your site banned from the search engines. Welcome to the first IT Compliance community in the new Web 2.0 interactive world. Follow along as IT Compliance expert Rebecca Herold leads interactive forums, blogs, news stories, articles, podcasts, and webcasts to create a new type of interchange between compliance and information security practitioners, academia, vendors, consultants, auditors and regulators...and anyone else who is interested in these intriguing topics.
Realtime-IT Compliance provides a learning environment allowing all levels of information sharing about the vast array of ever growing IT Compliance issues. If there is a topic or issue you would like to see covered here that is currently missing, please send a message to Rebecca and let her know! She is happy to hear from you and wants to know your suggestions and thoughts for making this site as useful to you as possible.
|
|
|
|
|
| Latest Articles on Realtime IT Compliance
|
|
|
Addressing the Risks of Outsourcing by Rebecca Herold - Friday, March 31, 2006
When you entrust business partners with your company’s confidential data, you are placing all control of security measures for your organization’s data completely into their hands. That trust cannot be blind. Many recent security incidents have resulted from inadequate security practices within outsourced organizations handling another company’s customer or employee data.
read more...
|
Data Retention Compliance by Rebecca Herold - Tuesday, March 21, 2006
Many laws and regulations exist throughout the world that require specific retention time periods and associated safeguards for a wide range of data types. Organizations need to be aware of these data retention requirements and plan to meet the compliance challenges.
read more...
|
How Encryption Supports Compliance by Rebecca Herold - Wednesday, March 08, 2006
Encryption is an underutilized security tool. Facing the infinite number of today’s risks, threats, and vulnerabilities, encryption can effectively keep unauthorized individuals and systems from accessing sensitive information and thwart many types of attacks. In today’s business environment—with sensitive information being stored in multiple locations, many of them mobile—encrypting information is an effective privacy safeguard organizations can add to their arsenal of protection tools.
read more...
|
|
|
|
|
|
| Industry Watch
|
|
|
Citigroup a `Test Case' for Trading, Regulator Says (Update2) - Tuesday, April 04, 2006
(Bloomberg) - Citigroup Inc.'s insider-trading hearing in Australia will be a test case for whether barriers between investment bankers and traders can prevent conflicts of interest with clients, the country's securities regulator said. Australia's first insider-trading suit against a company claims Citigroup traded shares in Patrick Corp., the nation's largest port cargo handler, using confidential information. The trades were ``against the interest'' of Toll Holdings Ltd., which Citigroup was advising on a A$5.2 billion ($3.7 billion) hostile bid for Patrick, the regulator said March 31.
read more...
|
Consumers burdened by detailed privacy disclosures - Tuesday, April 04, 2006
(Akron Beacon Journal) - The notices that companies and banks give out to consumers about financial privacy can be shortened and simplified to make them easier to understand, a government study found. The recent study concluded consumers are burdened by detailed privacy disclosures. ``Consumers are overwhelmed by complex information,'' said the almost 400-page report.
read more...
|
Full disclosure only response to identity breach - Monday, April 03, 2006
(Times Argus)- The students and faculty of Lyndon State College recently opened up their inboxes and found an e-mail from Stephen C. Allen, their college's computer system administrator. Only it wasn't penned by the real Stephen Allen – it was written and sent by someone else who managed to gain access to Allen's e-mail account. "Hello and good day," the e-mail said. "My name is Identity Theft Victim, Stephen C. Allen … This email is being sent because I chose not to change my default email password, allowing my account to be hijacked through simple methods. Recently 20,000+VSC student, alumni, faculty and staff identities were compromised through the theft of a VSC laptop."
read more...
|
Secretary Mike Levitt, Dept. of Health and Human Services, Sought as Defendant to Explain... - Monday, April 03, 2006
(PRWEB) - Documents filed last week in Sacramento federal court (USDC for the EDC No. 2:05-CV-2410-FCD-KLM, Clark v. Rea) seek to add Secretary of the U.S. Department of Health and Human Services (DHHS) as a “permissive defendant” in proceedings alleging violation of the Health Insurance Portability and Accountability Act (HIPAA) against an attorney of the Adventist Health System in Roseville, California. Plaintiff Barb Clark, a registered nurse, claims that she felt “reluctantly safe under the federal medical records confidential law” to answer questions in an interrogation interview by a criminal psychologist hired by the Adventists as part of her on-going workers’ compensation claim against the hospital chain, court documents claim.
read more...
|
State Workers Warned of Florida Data Leak - Monday, April 03, 2006
(COMPUTERWORLD) - Sensitive employee data may have been compromised by offshore contractors. Personal information of state employees in Florida may have been compromised after work on the state's People First payroll and human resources system was improperly subcontracted to one or more firms in India. About 108,000 current and former employees who worked for the state between Jan. 1, 2003, and June 30, 2004, may be affected by the breach, according to an e-mail warning that was sent last week to everyone who was employed by the state during that period. All state workers were warned of the breach in a March 16 e-mail.
read more...
|
Audit fees, SOX still socking companies - Monday, April 03, 2006
(Boston Business Journal) - The pain was supposed to subside for companies after the first year of the Sarbanes-Oxley Act, as business pundits predicted that investments in pricey technologies and accounting infrastructure would peter out after taking a big, one-time bite out of Corporate America's bottom line. The pundits were wrong. A Boston Business Journal analysis of 27 public companies in Massachusetts shows their auditing costs spiked 26 percent last year, bringing their total increase to 103 percent since SOX became effective in 2004. In total, the group spent $56.6 million on SOX and related auditing costs last year, or around 2 percent of their 2005 operating income.
read more...
|
Framework could aid global information exchange - Monday, April 03, 2006
(FCW) - An open-standards group has created a framework that could facilitate the global exchange of information among organizations. The naming system could benefit a wide range of disciplines, from disaster response to medical research. The Open Group’s Universal Data Element Framework (UDEF) has the potential to hasten information exchange by indexing the world’s datasets — from e-commerce services to government registries and medical research databases — in one universally shared semantic repository.
read more...
|
Educators' Social Security numbers sent via e-mail - Sunday, April 02, 2006
(Connecticut Post) - The Social Security numbers of the 1,250 teachers and school administrators in the Connecticut Technical High School System were mistakenly sent via e-mail to staff, triggering an investigation by state Attorney General Richard Blumenthal. Blumenthal said Wednesday that he is appalled and astonished by the apparent "senseless" security breach.
read more...
|
Shorter College students, faculty told be cautious after hacking - Saturday, April 01, 2006
(WIStv) - Students and faculty at Shorter College are being told to keep an eye on their credit information after a student was arrested on accusations of hacking into the school's network. Adrian Laza, a junior at the school, was arrested Wednesday and has been accused of disrupting the college's computer network and accessing employee information. He has been charged with computer theft, computer invasion of privacy and computer trespass.
read more...
|
Senate Passes Phone Data Confidentiality Bill - Friday, March 31, 2006
(Internet News) - A U.S. Senate panel pushed out legislation yesterday that makes it illegal to acquire, use or sell a person's confidential phone records without affirmative written consent. Applying to wireline, wireless and Voice over IP (define)&bspcarriers, the bill also bars unscrupulous companies and individuals from fraudulently obtaining consumers' private phone records through a deceptive practice known as "pretexting." The term refers to unauthorized persons using false pretenses to acquire private phone records.
read more...
|
SMB Storage Set For 2006 Rush - Friday, March 31, 2006
(Small Business Computing) - Thanks to the explosion in data and the imminent certainty of compliance regulations, even small and medium businesses (SMBs) are being forced to spend more on storage. Research firm IDC said it expects 2006 to be a breakout year for storage among SMBs, fueled by the proliferation of broadband and local area networks (LAN) that can drive storage needs to new heights. Regulations such as Sarbanes-Oxley and SEC 17a-4 will contribute to the increase in storage spending, too. IDC analyst Ray Boggs said this trend is a combination of two forces: capacity challenges and compliance regulations.
read more...
|
Prosecutor: Advertisers Must Monitor Online Distributors - Friday, March 31, 2006
(Online Media Daily) - Advertisers and marketers must be wary of fraud or deceptive practices committed by their affiliates, and even spammers or adware servers that they have no working relationships with, an attorney with the New York State Attorney General's office said Tuesday at a lecture in New York sponsored by TRUSTe and the International Association of Privacy Professionals.
read more...
|
Why Privacy Won't Matter - Thursday, March 30, 2006
(MSNBC/Newsweek) - Google, Yahoo and Microsoft desperately want to know every last thing about what you do, say and buy. Here's how they'll do it—and why we'll let them. A friend takes your picture with her cell phone, and puts the phone back in her purse. But the gadget isn't dormant. It gets to work figuring out who you are, and sends that information, along with your precise location, to an organization that adds the data to a file it keeps on where you go and who you hang out with, as well as other things. The organization then charges money to help others who want to reach you, and even notifies certain people nearby of your presence.
read more...
|
IRS Privacy Proposal Alarms Consumer Groups - Thursday, March 30, 2006
(The Ledger) - IRS Commissioner Mark Everson told House lawmakers Wednesday that proposed changes to privacy rules governing tax preparers with access to taxpayers' personal information would only simplify and tighten the standards. But the proposal alarmed some consumer groups, which fear the changes could open taxpayers to more widespread disclosure or sale of personal information.
read more...
|
ID theft bill leaps hurdle in House - Thursday, March 30, 2006
(NWANews) - The U. S. House Energy and Commerce Committee unanimously approved a bill Wednesday that would require companies to tell consumers nationwide if they are at risk of identity theft after a security breach. But even a bill with bipartisan support that has managed to avoid provoking both the data industry and privacy advocates faces a tough road to passage. The Data Accountability and Trust Act is one of seven similar bills expected to reach the House and Senate floors by late summer. Consumer groups who support the bill say it’s still a weaker version of what many states already have on the books. Little Rock-based Acxiom Corp. — one of the largest data brokers in the country — says certain provisions may unfairly target the data industry.
read more...
|
US House Commerce panel clears data security bill - Wednesday, March 29, 2006
(Reuters) - A U.S. House committee on Wednesday approved a bill to protect consumers from identity theft by setting a national standard for companies to secure personal information and monitor for security breaches. The bill was cleared by the Energy and Commerce Committee and may now be considered on the floor of the House of Representatives. But it also competes with data security bills that have emerged from other committees and include distinct provisions and requirements.
read more...
|
US House Commerce panel clears data security bill - Wednesday, March 29, 2006
(Reuters) - A U.S. House committee on Wednesday approved a bill to protect consumers from identity theft by setting a national standard for companies to secure personal information and monitor for security breaches. The bill was cleared by the Energy and Commerce Committee and may now be considered on the floor of the House of Representatives. But it also competes with data security bills that have emerged from other committees and include distinct provisions and requirements.
read more...
|
Stay Tough on Identity Theft: Federal bill mustn't undermine state laws - Wednesday, March 29, 2006
(Dallas Morning News) - The best of intentions can go awry, as a couple of Congress' attempts to craft federal identity theft legislation illustrate. Take, for instance, the bill that the House Financial Services Committee passed earlier this month. Some lawmakers praised the bill for a credit freeze provision to help victims prevent thieves from getting new credit under a stolen identity. The problem, say consumer advocates, is that eight states already have credit freeze laws that are stronger than those in the federal proposal.
read more...
|
Suffering in silence with data leaks - Wednesday, March 29, 2006
(CNET News) - Lynn Perry was living an online shopping nightmare. A hacker had snatched her home address and phone and credit card numbers--even the three-digit security code printed on the back of her credit card--and was offering them to anyone willing to pay the asking price: $5. Perry, a copyright attorney from Mill Valley, Calif., was among 10 people whose personal data was posted last month on a Web site that specializes in the trafficking of stolen information. Even worse, no one bothered to tell her that her credit card information had been compromised.
read more...
|
|
|
|
|
|
|
|
| Join the Conversation
|
|
|
|
|
|
|
|
|