Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Tag Archives: data breach notification laws

New Massachusetts Regulation Has Significant Implications for Information Security Professionals

– This year, the Commonwealth of Massachusetts enacted a regulation that prescribes information security policies and practices quite unlike those required in any previous state or federal mandate.  This regulation, 201.CMR 17.00 (Read the full text here), states that “all persons that own,…

An Analysis of the Privacy Rights Clearinghouse “Chronology of Data Breaches” and Implications for Information Security Professionals (pt. 2)

– A few weeks ago, I presented the results of an analysis of data breaches occurring in 2007, the last full year for which information is available; the “Chronology of Data Breaches” database, available at the Privacy Rights Clearinghouse website (privacyrights.org) provided source data…

An Analysis of the Privacy Rights Clearinghouse “Chronology of Data Breaches” and Implications for Information Security Professionls (pt. 1)

– Within the next few weeks—if not earlier—you should visit the “Chronology of Data Breaches” database available at the Privacy Rights Clearinghouse website (privacyrights.org). The database provides a listing of privacy-related security breaches that have been reported in the United States,…