Discussion on:
View:
Show:
Is your organization doing an effective job of protecting personal information? What changes have you seen that are designed to bolster privacy protection and ensure compliance?
The article refers to US law and even then not for all states. So really the one KEY thing you need ot know, is how your OWN state, province or territory applies laws regarding privacy protection.
In Canada, this has always been far tighter than in the US. Personal privacy law is common knowledge to most businesses and employes here.
In Canada, this has always been far tighter than in the US. Personal privacy law is common knowledge to most businesses and employes here.
One of the bigger struggles is knowing what to manage to for each State and recognising the differences between the States as well as the Fed... and the guidelines based on industry.
Optimally, privacy in general would be "One size fits all" with industry specific guidelines added on. HIPPA has different rules than SOX and a company may or may not have to manage to both.
Regardless, I think that business continues to give security, privacy, and compliance short shrift. That thinking must end. The potential for life changing damage is just too high.
Optimally, privacy in general would be "One size fits all" with industry specific guidelines added on. HIPPA has different rules than SOX and a company may or may not have to manage to both.
Regardless, I think that business continues to give security, privacy, and compliance short shrift. That thinking must end. The potential for life changing damage is just too high.
It would be relatively easy to do, as well. Simply extend the Privacy Act of 1974 to apply to all personal data and not just identifying information, and require businesses to comply and not just government. Only the individual can release or authorize the release of data and must authorize each individual release, which is actually more strict than either SOX or HIPAA. The Privacy Act does not, however, have the onerous "what we're doing to comply" requirements associated with HIPAA and SOX; the only requirement I am aware of is that the authorization for release must remain with the information until it is destroyed.
As an IT consultant I am fully aware that IT management is struggling with whether social media is productive or obstructive for companies and their employees. Software is being developed and policy and restrictions are being decided everyday by IT managers. The security of company networks are at stake but the potential for innovation using social media is a large enough carrot for the discussion of how to properly utilize the medium continues. Palo Alto networks came up with a whitepaper, http://bit.ly/d2NZRp, which will explore the issues surrounding social media in the workplace. It is important to not only understand the immediate benefits of doing business how one lives, but the threat it presents to a company's greater ROI and productivity when it comes to the server's safety and security.
Check it out: http://bit.ly/d2NZRp and http://bit.ly/cR80Al
Check it out: http://bit.ly/d2NZRp and http://bit.ly/cR80Al
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
