
How do government regulations address application security?

When it comes to Web application security, government regulations such as the Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act (GLBA) don't say much. SearchAppSecurity.com expert Caleb Sima explains.

How do government regulations such as the Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act (GLBA) address Web application security?
Web security is not specifically called out in HIPAA, GLBA, Sarbanes-Oxley or even the Federal Information Security Management Act (FISMA). Only general info security and system requirements are discussed. However, Visa's Payment Card Industry Data Security Standard (PCI) does have sections specifically dedicated to Web security. I predict we will see more focus on Web security in government regulations in the future due to the rapid growth toward a Web-enabled world.

This was first published in February 2006
