Q&A: IBM exec on breach notification laws, data security push
Companies must pay attention to how they secure their data, says Harriet Pearson
|Harriet P. Pearson, vice president of corporate affairs and chief privacy officer at IBM|
What sort of challenge does this pose for companies? There is no doubt that this new set of requirements around security breach notifications [is] now a high-priority item for security and privacy managers and the CIO. Part of the challenge is that there are 25 states [with breach notification laws]. If you look at each of them, you will see that each one is slightly or significantly different, and that does cause challenges. It creates the requirement that if you are doing business across states, you have to go through and try to rationalize them across states. So what kind of information is covered by the law that you have to comply with? There are different definitions of personal information across states. The triggers that require you to notify differ across states. And you have to figure out what the company is comfortable with using as a trigger. Because if you are doing business across the country, basically, I dont think you are going to sit down and [say], "Well, if it happened in Arkansas versus ... California, I am going to use radically different standards." The types of notices differ. The states are using different language [relating to] where you have to put it and who must be notified. I think the more interesting and very significant development here is that nobody wants to become really good at knowing how to notify when theres a breach. Its not a recipe for job success here. So I think whats happening is that at some level, the CFO or the [chief risk officer] or the compliance officer or somebody is going to turn to the CIO and say, "How do we stop this?"
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Privacy White Papers | Webcasts