BankInfoSecurity.com will offer a webinar on Key Compliance Regulations Driving Information Security at Financial Institutions on August 7.
Princeton, NJ, (BankInfoSecurity.com) August 2, 2007 -- The increased scrutiny of examiners on financial institutions’ information security practices, coupled with the ever-growing menace of online criminals and data breaches, means that institutions can't have a “do it once and you’re compliant” throw-away attitude for information security any longer.
While GLBA is the primary law that comes to mind when most of us think of security and protecting information, in reality there are more than a half dozen; GLBA was just the tip of the iceberg. This doesn’t even take into consideration the plethora of regulatory agency guidance that has emerged since GLBA was enacted in 1999. All of these laws and regulations share the same theme: protecting information assets. Whether the asset is consumer non-public personal information (NPPI), corporate financial information, consumer credit card information or individual health information, all of them require the implementation of administrative, technical and physical controls.
It’s become known as the “Compliance Decade” at many financial institutions. With the ever-growing list of regulations and guidance, financial institutions are faced with an unending battle to keep ahead of a constant stream of supervisory letters and interagency proposals. The last 10 years have seen a deluge of regulation - from HIPAA in 1996, to the E-Discovery rules of 2006, and everything in between - and many information security and compliance officers continue to spend long hours poring over the latest issuance, seeking to determine whether their bank or credit union is compliant. Beyond the difficulty of maintaining a clear picture of Federal and State regulatory requirements, the real threat of government penalties for non-compliance can seem overwhelming - especially when it comes to issues of information security.
This webinar will cover the laws and regulations that drive information security at financial institutions. As an attendee, you will have the legal and regulatory requirements explained in easy-to-understand language, along with the penalties you may face if you're found non-compliant. The webinar will provide a roadmap to guide you on the following issues: information security program management, risk assessments, third-party vendor management, incident response, and customer education.
- Key Information Security Related Regulations
  - GLBA (Gramm-Leach-Bliley Act)
  - SOX (Sarbanes-Oxley)
  - FACTA (Fair and Accurate Credit Transactions Act)
  - USA PATRIOT Act
  - State Data Protection Laws
  - E-Discovery (Electronic Discovery in the Federal Rules of Civil Procedure)
  - PCI Standards (Payment Card Industry)
The presentation will also uncover the common themes among the regulations and include first-hand commentary from presenter Susan Orr, a former federal examiner, on what’s happening at financial institutions today. This includes a detailed list of what specifically needs to be implemented in order to meet requirements, as well as best-practices insight. The final piece of the webinar will look at upcoming proposed legislation that may affect information security programs at financial institutions, including a national data protection law and regulatory guidance concerning merchant capture.