Premium Content

Access "Achieving compliance with the California SB 1386 privacy law"

Randy Sabett, Contributor Published: 02 Jun 2003
Defense-in-Depth: Securing the network from the perimeter to the core

This article is part of the June 2003 issue of Defense-in-Depth: Securing the network from the perimeter to the core

You're the CISO of a mid- to large-sized consumer products company. On an otherwise uneventful Monday morning, one of your managers informs you that a file server containing customer information was left logged in all weekend, and several unescorted strangers were in the building on Saturday. A disgruntled employee who quit on Friday also came in over the weekend to get his stuff. Would you take it upon yourself to make sure that each customer is notified of the potential security problem? Probably not, though you might want to take an aspirin or two. If you're a brokerage house in New York whose hacked database sits in Connecticut, you must notify your California customers if their financial data was stored in that database. If your company does business in California, though, that's about to change. California's new privacy law (SB 1386), which goes into effect July 1, requires any company that conducts business in California and owns or licenses computerized personal data to notify California residents of any actual or suspected security breach that ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Already a member? Login to access this content.

What's Inside

Features

More Premium Content Accessible For Free

Back to top