In a recent article written by Linda McGlasson, and published in the Bank Information Security News Articles section, an excellent argument is made that because the Payment Card Industry (PCI) standard is still basically a “one size fits all” set of static requirements, something needs to be done to reverse the ongoing and increasing data breach trend within the Payment Card Industry.
Click here to read this most interesting article.
In a recent posting by Colin J. Zick on the Security, Privacy & The Law website, you will see that the California Department of Health (”CDPH”) determined that the Kaiser Permanente’s hospital in Bellflower, California “failed to prevent unauthorized access to patients’ medical information, as required by Section 1280.15 of the Health and Safety Code.
Click here to read more about the rest of the settlement in this ruling.
A new report published July 15, 2009, by the Ponemon Institute and sponsored by Ounce Labs claims that a wide level of disparity exists between the perspective views of CEO’s vis a vis other C-level executives regarding data breach.
An example of that disparity is represented in the survey where it states that while 64% of polled executives believe that their organizations will be breached in the next 12 months, they don’t necessarily agree on where accountablity for those breaches are, and few believe that there would be professional repercussions from a breach.
Some of the other findings from the report (download PDF) titled “Business Case for Data Protection: Study of CEO’s and other C-level Executives” reveal a disparity of security concerns and that CEO’s underestimate the risk of breaches to their organization.
If this report is accurate, then many disaster recovery and risk managers may face additional challenges in getting their Business Continuity Plans in place within their organizations.
Let us know if this study fits the profile of your organization…..
