Are the PCI Council’s FAQs Incorporated and Part of the PCI Standard?
This is the basic question I posed to Bob Russo, General Manager of the PCI Council, during an online PCI forum put on by SC Magazine: Are the FAQs incorporated into and automatically made part of the...
View ArticlePCI: “Follow the Standards to the Letter”
An interesting quote from Bob Russo on how the PCI standard should be followed: Bob Russo, the general manager for the PCI Security Standards, a group that devises data security measures for the five...
View ArticleIs Something Wrong With PCI?
A question being asked in various circles in the wake of the Heartland breach. An interesting post by Michael Dahn over at the Aegenis Group. I started to respond and kept going and going and going....
View ArticleNevada Law Incorporates PCI and Provides a Liability Safe Harbor
Nevada appears to be the second State to incorporate the Payment Card Industry Data Security Standard (PCI) into its personal information security law. Minnesota is the other State that incorporated...
View ArticleFAQ on Nevada’s Security of Personal Information Law (NRS 603A)
InfoSecCompliance ("ISC") was recently asked by a prospective client to provide a summary of Nevada’s Security of Personal Information law (NRS 603A) and a recent amendment to the Security Law that...
View ArticleNevada’s Security of Personal Information Law Post Four: Encryption and PCI...
The following FAQs address the encryption and PCI compliance requirements of Nevada’s Security of Personal Information Law, which were added pursuant to a recent amendment to the law. The rest of the...
View Article