Definition of SB1386
What is SB 1386?
SB 1386 is an existing law that regulates the maintenance and dissemination of personal information by state agencies, as defined, and requires each agency to keep an accurate account of disclosures made pursuant to specified provisions.
Compliance and Risk Management: SB-1386
In a compliance environment that contains overlapping, inconsistent, sometimes untested and often contradictory laws and regulations, organizations must increasingly turn to best practice solutions that will simultaneously combat their real-world information threats while helping them meet regulatory requirements. ISO 17799 is one such best practice framework and Cisco's Self Defending Network provides the first line of corporate defense, because it is the foundation for the organization's data, applications and business processes, all of which must be protected if SB-1386 compliance is to be achieved.
SB 1386: How California Wants to Keep Your Secrets
The law, in effect as of July 1, 2003, applies only to Californians, though Americans around the country may reap benefits. It can be extremely expensive and time consuming for companies to sift through customer lists and pull out only those in a specific geographical region, so if a breach occurs, many companies have elected to notify any customer whose information may have been stolen.
California S.B. 1386 Whitepaper
This personal information privacy law requires any organization (state agency, person or business) conducting business in California and processing personal information for California residents to disclose any information security breach to California residents whose unencrypted personal information was obtained by an unauthorized person.
SB 1386: California's Required Notification Law
The trust and goodwill earned by taking proactive steps to protect customer privacy make SB 1386 a value proposition that reaches far beyond the obvious benefits of legal compliance. These steps, properly implemented, will minimize the organization's risk of non-compliance, and can provide a starting point for shoring up data privacy and security controls throughout the enterprise.
Berkeley Campus Plan Implementing SB 1386
The purpose of this new provision and University implementing requirements is to enhance the management of personal information that could be used, possibly in conjunction with other information, to impersonate an individual in ways that might cause serious loss of privacy and/or financial damage.
SB 1386 Bill
Formatted version of California's SB 1386 Bill.
Case Study: One Company's Response to the California Identity Theft Law
The California identity theft law, SB 1386, went into effect July 1, 2003, soon after several cases of identity theft were perpetrated by individuals who had stolen our clients' confidential data. The convergence of these events set the stage for risk mitigation and remediation efforts by the CISO's office, for which I was the assigned lead in my new role of Deputy CISO. This case study tells the story of how our company dealt with these twin challenges, of suffering the theft of some confidential client data, at the same time a new law was enacted that set compliance goals to protect consumers. An inventory and assessment of over 100 application environments categorized the risk factors emanating from various tiers: back-end servers, middle-tier (including network) systems, client-tier systems and business-risk. Risks were methodically identified in this fashion and vetted by stakeholders, along with proposed mitigation and remediation actions.