Skip to main content

Home/ WPPS C-Suite News/ Group items tagged Trade

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
sandy ingram

FTC Delays Enforcement of Red Flags Rule Fifth Time at the request of Congress - 0 views

www.hipaa.com/...-ftc-red-flags-rule-fifth-time

compliance FTC Red Flags Rule

shared by sandy ingram on 17 Sep 10 - No Cached
  • “The Commission urges Congress to act quickly to pass legislation that will resolve any questions as to which entities are covered by the Rule and obviate the need for further enforcement delays.  If Congress passes legislation limiting the scope of the Red Flags Rule with an effective date earlier than December 31, 2010, the Commission will begin enforcement as of that effective date.”
  • The issue regarding the delays in FTC enforcement relates to “scope of entities covered by the Rule,” as indicated in the FTC news release.  Congress is taking action[2]:
  • “House lawmakers in October [2009] passed H.R. 3763[3], which would exclude from the Red Flags guidelines meaning of ‘creditor’ any healthcare, accounting, or legal practice with 20 or fewer employees, as well as any other business which the FTC determines knows all its customers or clients individually; only performs services in or around the residences of its customers; or hasn’t experienced incidents of ID theft, and identity theft is rare for businesses of that type.  An identical bill, S.3416 was introduced in the Senate on May 25 [2010].” A lawsuit was filed in federal court on May 21, 2010, to accomplish a similar objective of narrowing scope of entities covered by the Rule. 
  • sandy ingram on 17 Sep 10
     
    "At the request of several Members of Congress, the Federal Trade Commission is further delaying enforcement of the 'Red Flags' Rule through December 31, 2010, while Congress considers legislation that would affect the scope of entities covered by the Rule.  Today's announcement and the release of an Enforcement Policy Statement do not affect other federal agencies' enforcement of the original November 1, 2008 deadline for institutions subject to their oversight to be in compliance….
sandy ingram

FTC Extends Enforcement Deadline for Identity Theft Red Flags Rule - 0 views

www.ftc.gov/...redflags.shtm

identity theft ftc extends Red Flags Rule Legal compliance information security

shared by sandy ingram on 21 Oct 10 - Cached
  • “Congress needs to fix the unintended consequences of the legislation establishing the Red Flags Rule – and to fix this problem quickly.
  • The Rule was developed under the Fair and Accurate Credit Transactions Act, in which Congress directed the FTC and other agencies to develop regulations requiring “creditors” and “financial institutions” to address the risk of identity theft.
  • The resulting Red Flags Rule requires all such entities that have “covered accounts” to develop and implement written identity theft prevention programs to help identify, detect, and respond to patterns, practices, or specific activities – known as “red flags” – that could indicate identity theft.
  • ...3 more annotations...
  • The Rule became effective on January 1, 2008, with full compliance for all covered entities originally required by November 1, 2008.
  • Today’s announcement and the release of an Enforcement Policy Statement do not affect other federal agencies’ enforcement of the original November 1, 2008 deadline for institutions subject to their oversight to be in compliance.
  • If Congress passes legislation limiting the scope of the Red Flags Rule with an effective date earlier than December 31, 2010, the Commission will begin enforcement as of that effective date.
  • sandy ingram on 21 Oct 10
     
    FTC Extends Enforcement Deadline for Identity Theft Red Flags Rule At the request of several Members of Congress, the Federal Trade Commission is further delaying enforcement of the "Red Flags" Rule through December 31, 2010, while Congress considers legislation that would affect the scope of entities covered by the Rule. Today's announcement and the release of an Enforcement Policy Statement do not affect other federal agencies' enforcement of the original November 1, 2008 deadline for institutions subject to their oversight to be in compliance. "Congress needs to fix the unintended consequences of the legislation establishing the Red Flags Rule - and to fix this problem quickly. We appreciate the efforts of Congressmen Barney Frank and John Adler for getting a clarifying measure passed in the House, and hope action in the Senate will be swift," FTC Chairman Jon Leibowitz said. "As an agency we're charged with enforcing the law, and endless extensions delay enforcement." The Rule was developed under the Fair and Accurate Credit Transactions Act, in which Congress directed the FTC and other agencies to develop regulations requiring "creditors" and "financial institutions" to address the risk of identity theft. The resulting Red Flags Rule requires all such entities that have "covered accounts" to develop and implement written identity theft prevention programs to help identify, detect, and respond to patterns, practices, or specific activities - known as "red flags" - that could indicate identity theft. The Rule became effective on January 1, 2008, with full compliance for all covered entities originally required by November 1, 2008. The Commission has issued several Enforcement Policies delaying enforcement of the Rule. Most recently, the Commission announced in October 2009 that at the request of certain Members of Congress, it was delaying enforcement of the Rule until June 1, 2010, to allow Congress time to finalize leg
sandy ingram

FTC Announces Conference on International Aspects of Securing Personal Data - 0 views

www.ftc.gov/...datasec.shtm

FTC Personal Data Protection

shared by sandy ingram on 11 Jan 09 - Cached
  • sandy ingram on 11 Jan 09
     
    The Federal Trade Commission, in conjunction with two international organizations, will host a two-day international conference: "Securing Personal Data in the Global Economy." The conference addresses how companies can manage personal data-security issues in a global information environment where data can be stored and accessed from multiple jurisdictions.
sandy ingram

Courts Says Employer's Lawsuit Against Ex-Employee Over Retention and Use of Twitter Ac... - 0 views

blog.ericgoldman.org/...california_cour.htm

Best Practice employees social media account

shared by sandy ingram on 10 Nov 11 - No Cached
  • The takeaway is to have a written agreement that governs this issue!
  • PhoneDog said it suffered $340,000 in damages. The account had 17,000 followers, "which according to industry standards, are each valued at $2.50."
sandy ingram

Smaller companies challenged to comply with Massachusetts' data privacy rules - Mass Hi... - 0 views

www.masshightech.com/...usetts-data-privacy-rules.html

compliance Privacy Security Massachusetts proofpoint

shared by sandy ingram on 10 Nov 10 - No Cached
  • The regulations, which went into force in March, are intended to protect a consumer’s personal information from identity theft and other privacy breaches and to spell out steps that businesses must take to ensure data is secured. Some large companies — particularly those in the finance and health care industries that are already subject to data security laws like the Health Insurance Portability and Accountability Act (HIPAA) — had privacy measures in place, which helped get them ready for Massachusetts’ regulations. However, for many smaller and midsize companies that have not been subject to data security laws before, complying with the rules is a longer and often more painful process.
  • some businesses that are complying with privacy regulations for the first time and have limited in-house technology expertise “are running around with their hair on fire, trying to figure out what to do first,”
  • “We’ve seen a substantial uptick in activity in clients seeking guidance in how to comply,” said Carlos Perez-Albuerne, a partner at Choate Hall & Stewart LLP. “There’s a whole swath of businesses that never had to deal with anything like this before.”
  • ...4 more annotations...
  • Under the regulations, organizations — no matter where they are based — that store personal information about Massachusetts residents have to write security policies detailing how the data will be protected, encrypt the data when it is stored on laptops or other portable devices or transmitted over public networks, and monitor their systems for breaches.
  • Believed to be among the most stringent data privacy regulations in the U.S., the rules have lawmakers and businesses taking note. The regulations are now driving computer security policy agendas across the country, said Mark Schreiber, a partner at Edwards Angell Palmer & Dodge who chairs the firm’s privacy and data protection group. “The impact is much broader than we ever imagined. Who would have thought it would have catalyzed so much activity?” he said. “This will be with us for decades or longer.”
  • Since March, Cutugno Court Reporting and Sten-Tel Inc., a Springfield-based firm that provides document management and transcription systems, has spent “easily into the six-figure realm” on technology and consulting services to comply with the privacy regulations, said Blake Martin, the company’s CIO.
  • To date, state regulators have not yet taken any public enforcement actions against organizations that have failed to comply with the rules. The state attorney general’s office, which is charged with enforcing the regulations, and the Office of Consumer Affairs and Business Regulation, which developed the regulations, have been focusing on compliance efforts, reaching out to trade groups, bar associations and others to spread the word.
  • sandy ingram on 10 Nov 10
     
    "Eight months after the state's tough, new data privacy regulations went into effect, many businesses are still sorting through the rules and working to bring their firms into compliance. "
sandy ingram

Innovations in software, engineering, pharmaceuticals and other fields are being stolen... - 0 views

www.whitehouse.gov/...homeland_security

homeland Obama cybersecurity

shared by sandy ingram on 20 Mar 09 - Cached
  • The first responsibility of any president is to protect the American people. President Barack Obama will provide the leadership and strategies to strengthen our security at home.
  • Barack Obama and Joe Biden's strategy for securing the homeland against 21st century threats is focused on preventing terrorist attacks on our homeland, preparing and planning for emergencies and investing in strong response and recovery capabilities. Obama and Biden will strengthen our homeland against all hazards
  • Protect Our Information Networks
  • ...9 more annotations...
  • Barack Obama and Joe Biden -- working with private industry, the research community and our citizens -- will lead an effort to build a trustworthy and accountable cyber infrastructure that is resilient, protects America's competitive advantage, and advances our national and homeland security.
  • Strengthen Federal Leadership on Cyber Security
  • ensure that the federal government works with states, localities, and the private sector as a true partner in prevention, mitigation, and response.
  • Work with the private sector to establish tough new standards for cyber security and physical resilience.
  • Work with industry to develop the systems necessary to protect our nation's trade secrets and our research and development
  • Mandate Standards for Securing Personal Data and Require Companies to Disclose Personal Information Data Breaches:
  • Prepare Effective Emergency Response Plans:
  • Working with State and Local Governments and the Private Sector:
  • Create a National Infrastructure Protection Plan:
  • sandy ingram on 20 Mar 09
     
    The first responsibility of any president is to protect the American people. President Barack Obama will provide the leadership and strategies to strengthen our security at home.
sandy ingram

Volatile markets may tempt hedge-fund fraud - 0 views

www.guardian.co.uk/...8050391

fraud hedge funds workplace

shared by sandy ingram on 21 Nov 08 - Cached
  • Unlike mutual funds, hedge funds are allowed to use trading techniques like selling stocks short and using borrowed money and regulators do not require them to make their performance or other details public.
  • "We are experiencing some of the most difficult times ever, and difficult times create desperate people who may do desperate things,"
  • sandy ingram on 21 Nov 08
     
    "If staff suddenly leave a hedge fund, investors should pay attention."
  • sandy ingram on 21 Nov 08
     
    Volatile markets may tempt hedge-fund fraud
sandy ingram

Do You Know Where Your Data Are? - WSJ.com - 0 views

online.wsj.com/...SB123997522418329223.html

privacy security Google Cloud

shared by sandy ingram on 15 May 09 - Cached
  • There's a basic consumer protection principle at work here, and it's the concept of "unfair and deceptive" trade practices.
    • sandy ingram
      sandy ingram on 15 May 09
       
      Basically, a company shouldn't be able to say one thing and do another: sell used goods as new, lie on ingredients lists, advertise prices that aren't generally available, claim features that don't exist, and so on.
  • RealAge's privacy policy doesn't mention anything about selling data to drug companies, but buried in its 2,400 words, it does say that "we will share your personal data with third parties to fulfill the services that you have asked us to provide to you."
  • Cloud computing is another technology where users entrust their data to service providers. Salesforce.com, Gmail, and Google Docs are examples; your data isn't on your computer -- it's out in the "cloud" somewhere -- and you access it from your web browser.
  • ...3 more annotations...
  • 69% of Americans now use some sort of cloud computing services
  • Google repeatedly assures customers that their data is secure and private, while published vulnerabilities demonstrate that it is not
  • Cloud computing services like Google Docs, and social networking sites like RealAge and Facebook, bring with them significant privacy and security risks over and above traditional computing models
  • sandy ingram on 15 May 09
     
    Google's cloud computing services. On its website, Google repeatedly assures customers that their data is secure and private, while published vulnerabilities demonstrate that it is not.
1 - 9 of 9
Showing 20 items per page