Tag Archives: compliance

Insurance exchanges’ IRS Publication 1075 data compliance new to many

Protecting that tax data requires more than just HIPAA compliance. Separate breach reporting and data encryption rules apply, for example, and the IRS has some fairly specific rules for physical safeguards, including a prohibition on drop ceilings and prescriptions for cubicle wall heights where FTI is handled.

via Insurance exchanges’ IRS Publication 1075 data compliance new to many.

Level 3 PCI Compliance Increases Slightly, Even As Its Population Grows

The latest PCI compliance stats—out this week—show trivial changes from the prior report, with Level 2 and Level 3 retailers slightly increasing compliance. Level 2 went from 91 percent at the end of December 2011 to 92 percent as of March 31, 2012, and Level 3 also increased by 1 percent, from 58 percent to 59 percent. The largest chains, the Level 1s (processing more than 6 million Visa transactions annually), stayed exactly the same, at 98 percent.

via StorefrontBacktalk » Blog Archive » Level 3 PCI Compliance Increases Slightly, Even As Its Population Grows.

uPromise and FTC

The FTC alleged that after the personalized offers feature was enabled, extensive information was collected from the user and transmitted to Upromise, including the names of all websites visited, all links clicked by the user and information that users entered into certain web pages, such as usernames, passwords, search terms, credit card information, expiration dates, security codes and social security numbers.  The FTC alleged that there was no way a user would be able to detect the extent of the data being collected by the Upromise software without special software and technical expertise

via Privacy & Security Matters | Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney.

2012 Security Spending To Hold Strong

For 2012, 37% of information security professionals say their business plans to increase its security spending, while only 16% expect their security spending to decrease. The top drivers for spending increases are to address compliance, mobile devices, and data loss prevention.

via 2012 Security Spending To Hold Strong – Security – Security administration/management – Informationweek.

The (EMV/Contactless) World According To Visa « PCI Guru

The PCI SSC stated that while Visa is not requiring merchants to file a ROC or AOC, the merchant still has to ensure that it is PCI DSS compliant.  This means that the merchant still must go through the PCI compliance assessment process of a ROC or respective SAQ to ensure that their controls are functioning properly.

via The (EMV/Contactless) World According To Visa « PCI Guru.