• Personally-identifiable information like a date of birth or social security number is controlled by both California Senate Bill 1386 and the Personal Information Protection and Electronic Documents Act (PIPDEA) in Canada.
• Personal Credit Information like credit card numbers and bank account numbers is controlled by Payment Card Industry (PCI) policies and laws like Financial Modernization Act (commonly known as the Gramm-Leach-Bliley Act).
• Personal Health Information is protected by laws like the Health Insurance Portability and Accountability Act (HIPAA).
•Corporate financial information is protected by laws like the Public Company Accounting Reform and Investor Protection Act of 2002 (commonly known as the Sarbanes-Oxley Act).
• Additional legislation like the Data Protection Act in the UK and the Data Protection Directive 95/46/EC in the European Union also play a role in complicating this problem, as do International Safe Harbor agreements and principles.
• Information relating to some national security applications is controlled under the International Traffic in Arms Regulations (ITAR) and regulations published by the US Office of Foreign Assets Control.
• In some places, even employees’ work phone numbers may be considered personal and protected information.
Loading Comments...