The Merchants Strike Back?
With the recent news of several restaurants teaming up to sue point-of-sale system provider Radiant Systems (a copy of the complaint can be found here) for failing to comply with the PCI Standard, it...
View ArticleQuickhits: AMEX settles with Heartland Payment Systems for $3.6 Million
Read all about it: HERE.
View ArticleMassachusetts’s Highest Court Delivers BJ Wholesalers (and other Retailers) a...
While the proverbial jury is still out concerning retailers’ sales success this 2009 holiday season, Massachusetts’s highest court (the Supreme Judicial Court or “Supreme Court” as referenced herein)...
View ArticleIssuing Banks File Class Action Suit Against Acquiring Banks in Heartland...
In an interesting development, a handful of issuing banks impacted by the Heartland breach have filed a class action lawsuit against two acquiring banks related to Heartland Payment Systems. According...
View ArticlePrivacy’s Trajectory
As many of our readers know, the International Association of Privacy Professionals (IAPP) will celebrate 10 years this Tuesday, March 16. In connection with that anniversary, the IAPP is releasing a...
View ArticleLive from the IAPP Global Privacy Summit in Washington, DC, It’s Monday...
This week, I will be providing short updates from the IAPP Global Privacy Summit in Washington, DC. The conference will be in full swing tomorrow, and I will report on various panels and topics of...
View ArticleInformation Governance
When it comes to creating policies for handling personal data in an organization, who decides? How are those policy decisions made and kept up to date? These are questions of governance – I would call...
View ArticleInformation Security Standards and Certifications in Contracting
When organizations contract for outsourced IT services, they look for assurances that the vendor will provide adequate security, often in the form of a security schedule or annex to the contract, or by...
View ArticlePCI liability, HIPAA enforcement rule, breach notification laws
At the RSA Confrence 2012, David Navetta discussed compliance topics, including why PCI liability matters to the card brands, the effect of the HIPAA enforcement rule and international breach...
View ArticleVISA Phases Out the Account Data Compromise Recovery (ADCR) Process and...
In October 2012, VISA quietly released new operating regulations which retroactively phased out VISA’s Account Data Compromise Recovery (ADCR) Process, and replaced it with the Global Compromised...
View Article
