Law aims to reduce identity theft

Tuesday, 1 July 2003, 12:52 PM EST

The Security Breach Information Act (S.B. 1386), which goes into effect Tuesday, requires companies that do business in California or that have customers in the state to notify consumers whenever their personal information may have been compromised.

Companies that fail to properly lock down information or to notify consumers of intrusions could be sued in civil court.

"Organizations that are following near-best practices for data security should be OK," said Ray Wagner, research director for information security strategies at Gartner. "However, you could read (the law) very conservatively: If you don't encrypt data...and maintain good audit trails, you open yourself up to lawsuits."

The law attempts to stem the growing problem of identity theft, in part by encouraging companies to be more open about security breaches that may have compromised consumer data.

[ Read more ]

Related items




Spotlight

Patching: The least understood line of defense

Posted on 29 August 2014.  |  How many end users, indeed how many IT pros, truly get patching? Sure, many of us see Windows install updates when we shut down our PC and think all is well. Itís not.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 2nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //