What will it mean for Web site operators if Congress passes data breach legislation?
Requires Free Membership to View
This question concerns the data breach disclosure laws being enacted in certain states. There is also the possibility that a nationwide law could be passed. This law in its basic form states that any company which suffers a security breach where personal information is disclosed must notify the public of the breach.
My personal opinion is that this law is a long time coming. It forces companies to start fixing security issues instead of just hiding the breach behind closed doors. Does this law affect Web site operators individually? No. This law applies to any intrusion that compromises "confidential data," which includes anything from a Web application issue to someone stealing backup tapes from the server room.
I think this law will severely affect the way Web sites are developed, tested and managed because security now becomes a requirement. You may see a lot of employers starting to require their Web developers and server administrators have security training and certificates. You will also see several new policies that get put into place regarding the Web application and how it processes confidential data. No longer can you get away with hiring a college kid with no security training to help develop a Web application that accepts user data. You might want to rethink whom you hire to develop your Web apps as a data breach can mean your business if that law passes.
More information:
* Congress seeks to alter legal landscape for data breaches
* Complying with breach notification laws
My personal opinion is that this law is a long time coming. It forces companies to start fixing security issues instead of just hiding the breach behind closed doors. Does this law affect Web site operators individually? No. This law applies to any intrusion that compromises "confidential data," which includes anything from a Web application issue to someone stealing backup tapes from the server room.
I think this law will severely affect the way Web sites are developed, tested and managed because security now becomes a requirement. You may see a lot of employers starting to require their Web developers and server administrators have security training and certificates. You will also see several new policies that get put into place regarding the Web application and how it processes confidential data. No longer can you get away with hiring a college kid with no security training to help develop a Web application that accepts user data. You might want to rethink whom you hire to develop your Web apps as a data breach can mean your business if that law passes.
More information:
* Congress seeks to alter legal landscape for data breaches
* Complying with breach notification laws
This was first published in May 2006
Join the conversationComment
Share
Comments
Results
Contribute to the conversation