NATIONAL GROCERS ASSOCIATION - PowerPoint PPT Presentation
Slides: 19
Provided by: jenn74

Transcript and Presenter's Notes

1
NATIONAL GROCERS ASSOCIATION FINANCIAL MANAGEMENT TECHNOLOGY SYMPOSIUM
Personally Identifiable Information (PII) REGULATORY ENVIRONMENT 2009
Presentation by Ross Federgreen, Founder, CSRSI THE PAYMENT ADVISORS
LAS VEGAS, NV, FEB 2009
2
PII covers a wide range of data elements that can be tied back to, or represent, a given individual, and that can be used to cause harm to that individual if used without proper authorization.
3
  • PII
  • Individual Name
  • Address
  • Telephone number
  • Social Security number
  • Driver License number
  • Date of Birth
  • Bank Account number
  • Credit and Debit card number
  • State Identification number
  • Passwords

4
  • PII
  • Regulation
  • ALL States
  • Federal
  • Civil and Criminal

5
  • PII
  • Federal Information Security Laws
  • Federal Trade Commission Act of 1914 (FTC Act)
    and FTC Standards for Safeguarding Customer
    Information (FTC Safeguards Rule) enacted in
    2003.

6
  • PII
  • Federal Information Security Laws
  • Federal Privacy Act
  • Federal Information Security Management Act
  • OMB Security Act
  • Veterans Affairs Information Security Act
  • Gramm-Leach-Bliley Act
  • Federal Trade Commission Act (FTC ACT)
  • Fair Credit Reporting Act
  • Health Insurance Portability and
    Accountability Act (HIPAA)
  • Public Company Accounting Reform and Investor
    Protection Act (Sarbanes-Oxley)
  • Family Educational Rights and Privacy Act
    (FERPA)
  • Driver's Privacy Protection Act (DPPA)
  • Fair and Accurate Credit Transactions Act (FACTA)
  • USA Patriot Act

7
  • PII
  • Federal Information Security Laws
  • Customer Identification Program Rules
    implementing Section 326 of the Uniting and
    Strengthening America by Providing Appropriate
    Tools Required to Intercept and Obstruct
    Terrorism Act of 2001 (USA Patriot Act)

8
  • PII
  • 110th Congress-Data Security Bills
  • Three bills were reported favorably out of Senate
    committees
  • S.239 (Feinstein)
  • S.495 (Leahy)
  • S.1178 (Inouye)
  • Information and Data Breach Notification
    Requirements
  • Other bills introduced
  • S. 806 (Pryor), S. 1202 (Sessions), S. 1260 (Carper),
    S. 1558 (Coleman)
  • HR 516 (Davis), HR 836 (Smith), HR 958 (Rush),
    HR 1307 (Wilson)
  • HR 1685 (Price), HR 2124 (Davis)

9
PII
As of January 2008, 39 states have enacted data security laws requiring entities to notify persons affected by security breaches and, in some cases, to implement security programs to protect the security, confidentiality and integrity of data.
Six states have introduced bills or enacted legislation to strengthen merchant security and/or hold companies liable for third-party companies' costs arising from data breaches:
  • California
  • Connecticut
  • Illinois
  • Massachusetts
  • Minnesota
  • Texas
10
PII
Federal Trade Commission (FTC)
Identity theft is the most common complaint from consumers in all 50 states. It represented between 35% and 40% of all complaints for the years 2005, 2006 and 2007. In 2006 there were over 246,000 complaints filed.
11
PII
Data Breaches, Identity Theft, Financial Crimes:
  • Credit Card Fraud
  • Utilities Fraud
  • Bank Fraud
  • Mortgage Fraud
  • Employment Related Fraud
  • Government Documents Fraud
  • Benefits Fraud
  • Loan Fraud
  • Health Care Fraud
12
PII
Public concerns with Identity Theft:
  • Security of sensitive information
  • Security of computer systems
  • Federal laws protecting
  • Adequacy of enforcement
13
PII
LIABILITY FOR Identity Theft:
  • Retailers
  • Credit Card Issuers
  • Payment Processors
  • Banks
  • Data Processors
14
PII
CRIMINAL PROSECUTION:
  • FAILURE TO REPORT
  • UNAUTHORIZED POSSESSION
  • UNAUTHORIZED ACCESS
  • FAILURE TO SAFEGUARD
15
PII
Federal Trade Commission CONSENT DECREE, JANUARY 2008: LIFE IS GOOD.com
Being embraced as a minimum standard for operating entities to comply with on a going-forward basis.
16
PII
Federal Trade Commission CONSENT DECREE, JANUARY 2008: COMPREHENSIVE INFORMATION-SECURITY PROGRAM
Includes administrative, technical and physical safeguards tailored to the size of the commercial entity, the nature of its activities and the sensitivity of the personal information collected.
SIX GENERAL MANDATES
17
PII
CONCLUSION
  • PCI DSS IS A SUBSET OF PII REGULATION.
  • SIMPLY ASKING A MERCHANT TO ANSWER THE PCI DSS SAQ WITHOUT TRUE EDUCATION, RISK ANALYSIS AND FOLLOW-UP MONITORING FAILS TO MEET THE STANDARD.
  • REGULATION, RISK AND LIABILITY WILL ONLY INCREASE IN THE CURRENT ENVIRONMENT.
18
QUESTIONS ?