PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
June 2003

Achieving compliance with the California SB 1386 privacy law

You're the CISO of a mid- to large-sized consumer products company. On an otherwise uneventful Monday morning, one of your managers informs you that a file server containing customer information was left logged in all weekend, and several unescorted strangers were in the building on Saturday. A disgruntled employee who quit on Friday also came in over the weekend to get his stuff. Would you take it upon yourself to make sure that each customer is notified of the potential security problem? Probably not, though you might want to take an aspirin or two. If you're a brokerage house in New York whose hacked database sits in Connecticut, you must notify your California customers if their financial data was stored in that database. If your company does business in California, though, that's about to change. California's new privacy law (SB 1386), which goes into effect July 1, requires any company that conducts business in California and owns or licenses computerized personal data to notify California residents of any actual or ...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue