Identity theft: are organizations obliged to notify clients?
When a company or even a not-for-profit organization collects, uses and/or deals with personal information, it might be legally required to immediately notify individuals whose information it is handling if there is a security breach relating to that information.
Apart from specific local laws that might require such notification, in both the U.S. and Canada there is a trend in legal jurisprudence and industry standards towards such an obligation based on concerns over the issue of identify theft.
By Javad Heydary at the E-Commerce Times.
[ Read more ]
- Review: Identity Theft (26 August 2003)
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.