You are currently browsing the Electronic Payment Security weblog archives for the day October 20, 2006.
Archive for October 20, 2006
Does PCI Compliance Ensure Compliance With Privacy Laws and Regulations?
October 20, 2006 by tim.
Given the complexity of Payment Card Industry (PCI) compliance, many organizations may conclude that complying with the PCI DSS also ensures compliance with the myriad state and federal laws and regulations that address privacy and data security (see Payment Card Industry Compliance and Data Breach Laws). Dr. Heather Mark addresses the relationship between PCI compliance and privacy in this month’s edition of Transaction World magazine.
She specifically addresses the legal requirement to provide a Notice, which is usually covered in the Privacy Policy on a website. She says that future articles will “attempt to answer the questions surrounding the intersection of privacy and security.” This should be a very helpful source of information for organizations trying to navigate these treacherous waters.
Posted in Data Breach Regulations, Payment Card Industry / Credit Card Security