Is encryption required for compliance with current privacy and security laws?

((Content component not found.)) Some of the state breach notification laws, like California's SB 1386, say that unencrypted personal information falls within the scope of notification. So, if a breach occurs, or is suspected to have occurred, and everything is encrypted, you may not have to report the incident to the information owners. But, if it's unencrypted, that's when you'll have to worry about it. It varies from state to state, so you've definitely got to do some research in this area. Even with SOX, it could be argued that financial controls may include storage encryption.

So, it all depends on the particular scenario, the size of the organization, whether or not you are a credit card merchant for PCI, etc. There needs to be someone in every organization that can look at these laws and say what's what and put you on the right track.

Check out the entire Storage Encryption FAQ guide.

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Secure data storage Data storage compliance in the UK Encryption key management is vital to securing enterprise data storage Continuity Software adds disaster recovery service-level agreement management to RecoverGuard Avoid data migration project failure: Five best practices Storage encryption technology options for UK storage managers Encryption key management challenges Using continuous data protection (CDP) for data backups Explaining RAID levels and RAID data protection Council uses continuous data protection to protect sensitive files The difference between continuous data protection and snapshots Email archiving and compliance initiatives Mimosa NearPoint email archiving software cuts PST file sprawl at BAM Nuttall Symantec plans Data Insight software to link storage resources with data owners Data storage compliance in the UK Iron Mountain Digital spends $112 million on Mimosa Systems for on-premise data archiving Training and education key to IT compliance, says Hillingdon's Bearpark Microsoft Exchange 2010 adds email archiving and high availability features Dexrex Gear offers cloud instant messaging and social media data archiving EMC lays out data archiving and eDiscovery plans Data storage management case studies from SearchStorage.co.UK The difference between data backup and data archiving

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Data Protection Act 1998  (SearchStorageUK.com) Freedom of Information Act 2000  (SearchStorageUK.com) Information Commissioner's Office (ICO)  (SearchStorageUK.com) MiFID  (SearchStorageUK.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary