Cleaning up disclosure
In the past five years, there have been many laws and regulations passed that have tried to encourage corporate and government managers to provide reasonable levels of protection to IT information systems. These have included things like the EU Data Privacy and data protection directives and laws enacted to enforce them: the Sarbanes Oxley law mandating controls on financial reporting systems for both U.S. publicly traded companies and foreign companies that might impact such reporting, the HIPAA legislation that mandates protection and privacy of heath care data, FISMA and its progeny for U.S. federal agencies, Article 4A of the Uniform Commercial Code that mandates commercially reasonable security procedures for wire transfers, and a host of rules and regulations by U.S. banking, insurance and securities regulators.
By Mark Rasch at SecurityFocus.
[ Read more ]