[IEEE-bhpjobs] Feb 5: 'The Price Of Doing Business – Protecting Your Client’s Data'

Esther L esther_L at ieee.org
Sun Jan 18 11:55:32 EST 2009


http://www.cednc.org/calendar/calendar.php?mode=view&id=102801
www.localtechwire.com
Feb 5, 11:30am

With the increased presence of the Internet, e-Commerce has been an 
easily recognized term. We buy stocks, pay bills, refill prescriptions 
and shop without thinking twice about where our information is being stored.

But as the reality of identity theft looms over us, we have implemented 
more regulations to increase accountability and security.

Key Regulatory Data Security Requirements

- Section 404 of the Sarbanes-Oxley Act requires business managers and 
auditors to attest to the business' controls over the gathering and 
calculation of financial results. Service providers under contract to 
the business must be SAS 70 compliant.
- The Payment Card Industry Data Security Standard requires that 
cardholder information stored anywhere be protected by encryption or 
similar technologies.
- The Health Insurance Portability and Accountability Act (HIPAA) 
requires that healthcare institutions keep patient information 
confidential and destroy it between two and five years after the 
patient's death.
- SEC 17a defines which records financial institutions must create and 
maintain, and defines the media requirements and conditions an 
institution must meet to store electronic records. Retention periods 
range from three to six years.

Join Local Tech Wire on Tuesday, Feb. 5 as we explore SAS 70, HIPAA and 
PCI and how they have impacted North Carolina’s economy.

-- 
-- Esther L., esther_L (at) ieee.org, Speaking only for myself.
If your email to me bounces, check the _L and the H in esther.

