Secure Payments, PCI DSS, Regulatory Compliance Blog

Archive for the ‘Government’ Category

Nevada Mandates PCI DSS

Monday, June 22nd, 2009 Posted in Compliance, Encryption, Government, Legislation, PCI DSS | No Comments »

As we've been expecting for some time, states are beginning to take action with respect to mandating PCI DSS. The trend began with Minnesota's Plastic Card Security Act, which prohibited the storage of sensitive authentication data. While not ...

Concerned consumers push for credit card data security law in California

Saturday, October 13th, 2007 Posted in Government, Legislation | 1 Comment »

The backlash started slowly with a law in Minnesota and Texas (almost and maybe still) and continues with the presumed passage of California AB 779. This is legislation that would address data security breach notification, require card replacement, and ...

PCI for Public Sector Professionals in the UK

Thursday, October 11th, 2007 Posted in Europe, Government | No Comments »

Ian from the Public Sector Forums in the UK reminded me of an upcoming event for public sector professionals in the UK to learn more about PCI DSS compliance. We blogged about this before and the event was so successful they ...

Nessus audit files and UK petitions to make PCI law

Wednesday, July 11th, 2007 Posted in Compliance, Europe, Government, Legislation | 6 Comments »

The week has been quiet as people work vigorously on their PCI compliance projects. Here are some things that might help you along. Tenable Network Security, the company that brought you Nessus, has "produced two Nessus PCI configuration .audit files for ...

California data handling laws

Friday, June 8th, 2007 Posted in Compliance, Government, Legislation | 1 Comment »

Well, the LogBlog beat us to it, in posting about California's laws on data handling. I read through the bill they link to and it's all about storage and disclosure. From the bill: The bill would also prohibit a ...

Minnesota makes PCI law

Friday, June 1st, 2007 Posted in Compliance, Government, Legislation, PCI DSS | 13 Comments »

This week Minnesota trumped Texas in being the first state to make PCI compliance a law. Minnesota is home to people like Garrison Keillor and the many Swedes that live there. It is also a great Midwestern state, ...

What is FACTA? Does it apply to credit card numbers?

Wednesday, May 23rd, 2007 Posted in Government, Legislation | 1 Comment »

There is a lot of debate going on in the legal courthouses right now about FACTA and how it applies to identity theft. (Some precedent here.) So what is FACTA and how does it apply to PCI compliance? Well, FACTA ...

Texas first state to make PCI law

Friday, May 18th, 2007 Posted in Compliance, Government, Legislation | 4 Comments »

I'm late to the news but catching up on events. Everyone, including ComputerWorld, nCircle's 360 blog, and James DeLuccia's PCI blog, has talked about it. Here's the link to the Texas state bill (HB3222 and full text) and the GuardianEdge ...

Some disclosure progress

Sunday, April 29th, 2007 Posted in Europe, Government, PCI DSS | No Comments »

I was having a look around to see if I could find any more data on the forthcoming European disclosure rulings that I talked about recently, because it is becoming more apparent just what an effect they will have for ...

European disclosure ruling on the horizon?

Monday, March 19th, 2007 Posted in Europe, Government, PCI DSS | 7 Comments »

I've just posted about Kenneth Belva's latest article on my personal blog. I don't want to repeat myself, but PCI in Europe is a case in point for the weight of reputational damage in driving security, but I think ...