So many breaches by companies on consumers' personal data in the last year, sometimes basically torpedoing the company in question by killing its reputation.■"Date Security Laws Seem Likely, So Consumers and Businesses Vie to Shape Them," by Tom Zeller, Jr., New York Times, 1 November 2005, p. C3.
Now Congress is considering up to a dozen bills, many which will mandate all sorts of new reporting regulations, like confessing each breach to the FTC. Companies, naturally, seek to fight such regulation, but if it must come, they want a clear federal rule set to ride herd over any discrepancies by state, otherwise the compliance issues skyrocket in complexity.
The biggest problem right now, according to an expert quoted in the piece, is "the patchwork of laws governing too many narrowly sliced industries and too many different situations, when it is really all about the data."
The nightmare? The FTC routinely auditing your company's security program following every reported breach.
It's stories like these that make my job as Senior Managing Director of Enterra Solutions, provider extraordinaire of rule-set automation that covers your ass on both reporting and audit trails, far easier than it might seem. Once a door is opened, this capability sells itself in the current, highly-complex-and-growing-ever-more-so regulatory environment.
Expect to read more and more stories like this. Privacy is the ultimate human right in the networked world.