Global Privacy & Security Compliance Law Blog

Category Archives: Security

Subscribe to Security RSS Feed

PCI 2.0 Released: Clarifications But No New Requirements

On October 28, 2010, the Payment Card Industry Data Security Standard (PCI DSS) 2.0 was released. There are no new requirements, mostly the PCI Security Standard Council (“Council”) made wording clarifications throughout the 12 existing requirements. These changes go into effect January 1, 2011, but merchants don’t have to be compliant with them until December … Continue Reading

HHS’ Withdrawal of Breach Notification Regulations under the HITECH Act Creates Uncertainty

The Interim Final Rule for Breach Notification for Unsecured Protected Health Information, issued pursuant to the Health Information Technology for Economic and Clinical Health (HITECH) Act, was published in the Federal Register on August 24, 2009, and became effective on September 23, 2009.  During the 60-day public comment period on the Interim Final Rule, HHS received approximately 120 comments.  HHS reviewed … Continue Reading
LexBlog