| 8.26.2010 |
San Francisco Examiner |
Two Arrested in Electronic Waste Recycling Fraud Case
Two managers of California electronics recycling warehouse Tung Tai Group were arrested for allegedly attempting to defraud the state out of $1 million in recycling reimbursement claims. Jason Huang and John Chen were arrested Friday, officials said, with arrangements made to bring Tung Tai owner Joseph Chen from China. The men are charged with making false reimbursement claims with the California Department of Resources Recycling and Recovery and face a maximum nine-year prison sentence if convicted.
|
|
| 8.25.2010 |
Dark Reading |
California Legislation Would Specify Data Exposed in Breaches
A privacy breach notification bill recently passed by the California legislature would expand the state's existing law regarding how organizations notify consumers of a breach. The new bill requires a company to include the type of personal information exposed in a breach; the date a breach occurred; and a general description of the incident. If a single breach affects more than 500 residents, the organization must notify the Attorney General.
|
|
| 8.23.2010 |
Help Net Security |
New Data Breach Legislation Mulled
Two bills introduced to the U.S. Congress are attempting to set nationwide security and privacy standards for consumers’ personal information. The Data Security and Breach Notification Act of 2010 would require businesses that handle and store private consumer information to use “reasonable security policies and procedures” to protect data and “provide nationwide notice in the event of a security breach.” The Data Security Act of 2010 focuses on financial institutions, retailers and federal agencies that handle vast amounts of consumer data, and includes a breach notification requirement.
|
|
| 8.16.2010 |
Bank Info Security |
U.S. Congress Mulling Data Breach Legislation
While data breaches continue to occur, the U.S. Congress is mulling legislation that would create a federal notification act. One bill pending in the U.S. Senate is Senate Bill 139, sponsored by U.S. Sen. Diane Feinstein of California, which would cover any business or agency that uses or stores personal identifiable information and make it mandatory that victims are informed if a breach occurs. The recently reintroduced Carper-Bennett legislation, known as the Data Security Act of 2010, is aimed to protect businesses and consumers from ID theft and account fraud.
|
|
| 8.13.2010 |
Environmental Leader |
U.S. GAO Report Advises Federal Role to Manage E-waste Exports
Noting the lack of a national approach, a new study from the U.S. Government Accountability Office (GAO) reveals that one of the biggest issues regarding electronics recycling laws that must be addressed is the export of e-waste. Currently, 23 states have enacted some form of electronics recycling legislation, but the GAO says a greater federal regulatory role over exports could address the authority limitations of the U.S Environmental Protection Agency (EPA) and states to regulate exports.
|
|
| 8.12.2010 |
Sustainable Business |
U.S. GAO E-waste Report Misses the Mark on Basel Convention
A new U.S. Government Accountability Office (GAO) report that addresses the management and trade of hazardous electronic waste correctly urges the U.S Environmental Protection Agency (EPA) to deal with the massive flow of U.S. e-waste. However, according to the Basel Action Network (BAN) and the Electronic TakeBack Coalition (ETBC), it misses the mark in recommending that the EPA put forward legislation that would ratify the Basel Convention, without first prohibiting the export of hazardous e-waste to developing countries. “Implementing the Basel Convention by itself will do more to legitimize shipments of electronic waste then it will to prohibit them,” said Jim Puckett, executive director of BAN, noting that the federal government “must first ensure that a ban on exports to developing countries for hazardous wastes such as electronic waste is firmly in place as Basel alone could open the flood gates even wider.”
|
|
| 8.3.2010 |
Modern Healthcare |
HIPAA Hazard: Pharmacies and Privacy Protection
According to the Office for Civil Rights, the government agency charged with enforcing the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule expects to deal with more “cases of willful neglect more stringently, reserving the highest penalties for the worst offenders." The stimulus law requires that organizations subject to HIPAA's privacy protections report security breaches affecting at least 500 individuals and those breaches are posted on a Department of Health and Human Services' website. More than 100 organizations have made the list since February.
|
|
| 7.30.2010 |
iHealthBeat |
U.S. HHS Pulls From Review Proposed Final Rule on Health Data Breaches
The U.S. Department of Health and Human Services (HHS) reportedly has withdrawn a proposed version of its final rule for health data breach notification from administrative review by the Office of Management and Budget (OBM). HHS submitted the rule for OMB review in May, which relates to reporting requirements for hospitals, physicians, health plans and other specified handlers of patient information who experience data breaches.
|
|
| 7.27.2010 |
New York Times |
Basel Group Agrees to New Global Rules for Banks
New standards developed after lengthy negotiations among regulators on the Basel Committee on Banking Supervision and designed to reinforce the stability of the global financial system have been approved by European regulators and central bankers. Under the new requirements, banks would have to hold more in capital reserves and cash on their balance sheets to cushion against unexpected shocks, though regulators have not specified a minimum amount.
|
|
| 7.20.2010 |
Let’s Recycle |
EA Secures Prosecution Over Hazardous WEEE Exports
The UK Environment Agency has brought prosecution against Sinoway International, Ltd., charging the UK recycler with illegal export of hazardous waste electrical and electronic equipment to Hong Kong. The EA was informed by the Hong Kong Environmental Protection Department about a suspected illegal hazardous waste shipment that included several hundred computer monitors. Sinoway was fined £2,000 and must pay costs of £2,700.
|
|
| 7.19.2010 |
eWeek Europe |
UK Government Scraps IT Recycling Body
The Waste Electrical and Electronic Equipment Advisory Body (WAB), the UK government and industry group charged with overseeing the Waste Electrical and Electronic Equipment (WEEE) directive, has been disbanded, UK business secretary Vince Cable announced. Cable said the move was part of the coalition government’s strategy to reduce costs. The WEEE directive was adopted by the European Commission in 2003, but wasn’t actually enacted and enforced as UK law until 2007, when WAB was established.
|
|
| 7.14.2010 |
NextGov |
U.S. Senators Reintroduce Identity Theft Measure
The 2010 Data Security Act was reintroduced in the U.S. Senate recently. The bill would trump state regulations that seek to protect consumers from identity theft by establishing a national law that requires public and private institutions to safeguard sensitive data and notify people whose personal information might have been compromised. Introduced by Sens. Tom Carper of Delaware and Bob Bennett of Utah, the bill would affect any entity that maintains individuals' personal data, including financial institutions, retailers and federal agencies. The legislation was last introduced in 2007.
|
|
| 7.2.2010 |
CNBC |
Manufacturers Must Recycle North Carolina Computers
An amended electronic waste bill that would ban the improper disposal of computers in North Carolina beginning in January 2011 and assign shared responsibility for recycling electronics to manufacturers and local governments awaits the signature of Gov. Bev Perdue. Manufacturers may opt to fund the program directly or pay municipalities to run the program for them. "Consumers need this free and convenient recycling option to encourage them to recycle," said State Sen. Don Vaughan, sponsor of the bill, who added that the law could be a model for other states.
|
|
| 6.30.2010 |
Southern Chester County Weeklies |
Electronic Recycling Bill Passes in Pennsylvania House
Legislation to require electronics manufacturers to establish a statewide e-waste recycling program has passed the Pennsylvania House. If approved, the bill, introduced by State Rep. Chris Ross, would ensure that e-waste is recycled in an environmentally acceptable manner and establish a ban on e-waste disposal in Pennsylvania landfills two years after the effective date. “A state program is needed because a recycling program has not been enacted on the federal level,” Ross said.
|
|
| 6.28.2010 |
CFO |
U.S. Supreme Court: A SarbOx Split
The U.S. Supreme Court last week tweaked the part of the Sarbanes-Oxley Act (SarbOx) that preserves the makeup of the Public Company Accounting Oversight Board (PCAOB), which oversees the accounting industry, but decided that such a change does not open up the entire 2002 law to scrutiny. In a 5-4 decision, the judges restricted their views to whether the President has "adequate control" over board-member appointments for overseeing "a vital sector of our economy." To fix what the majority thought was a discrepancy, the judges ruled that the board members should be subject to at-will removal by the U.S. Securities and Exchange Commission.
|
|
| 6.22.2010 |
Network World |
Security Group Stretching Payment-card Standards Cycle to Three Years
The Payment Card Industry (PCI) Security Standards Council says it will begin moving to a three-year cycle related to the main technical standards it issues for protection of sensitive payment-card information, allowing merchants more time to adopt them. The council will issue its updated Data Security Standard (DSS) in October, but it will not be effective until Jan.1, 2011.
|
|
| 6.16.2010 |
ZDNet |
Mayors Say No to Bearing the Cost of E-waste Disposal
Nearly half of U.S. states have passed a law governing the disposal and handling of electronic waste, so the U.S. Conference of Mayors has adopted a resolution calling for state legislation to shift the cost of dealing with e-waste away from taxpayers and local governments and onto producers. Modeled after policies used extensively in California, New York, Massachusetts, Minnesota and Texas, the resolution extends producer responsibility and product stewardship.
|
|
| 6.11.2010 |
eSecurity Planet |
Keeping Pace with Data Encryption Laws
New data encryption laws are now making their way through state legislatures, aiming to go beyond breach notification laws. In the U.S., 48 states have some form of data breach law on the books now, but data encryption laws, such as regulations passed in Nevada and Massachusetts, are designed to make it more difficult for personally identifiable information to be stolen, experts say.
|
|
| 6.7.2010 |
CBS News |
New York State Passes Tough E-Waste Law
New York has joined 22 other states in enacting an electronic waste recycling law. The law recently signed by Gov. David Paterson requires all manufacturers that sell electronic equipment in the state to establish an e-waste recycling program by April 1, 2011, and makes it illegal for individuals to dispose of e-waste at landfills, effective Jan. 1, 2015. Several national e-waste bills have been introduced in the U.S. Congress in recent years, but none has passed, leading states to take independent action.
|
|
| 6.6.2010 |
Computerworld |
U.S. FTC Examines Privacy Risks of Copier Hard Drives
U.S. Federal Trade Commission Chairman Jon Leibowitz said the agency is examining whether copier makers and resellers are warning their customers about privacy risks and offering "options for secure copying." The government agency is urging the copier industry to address the fact that digital copiers store thousands of documents on internal hard drives.
|
|
| 6.1.2010 |
Bank Info Security |
U.S. FTC Again Delays Red Flags Enforcement
The U.S. Federal Trade Commission has yet again delayed enforcement of the Identity Theft Red Flags Rule, which had been slated for enforcement beginning June 1. The postponement to Dec. 31 marks the fifth time that the enforcement date has been pushed back since 2008. Under the Red Flags Rule, organizations that extend credit to their clients must develop and implement written ID theft prevention programs that help identify, detect and respond to patterns, practices or specific activities.
|
|
| 5.24.2010 |
Health Leaders Media |
Civil Rights Office to Beef Up HIPAA Audits
The Civil Rights Office within the federal Health & Human Services Department has hired an outside firm to help it create a more robust enforcement regimen for HIPAA, the law that mandates the protection of patient privacy and security. Congress directed the agency to beef up its enforcement of privacy provisions under the HITECH law it passed last year.
|
|
| 5.12.2010 |
Search Health IT |
Experts Expecting Plenty of Company for HIPAA
As electronic medical records become more common and the leakage of private patient data thus becomes more of a concern, the granddaddy of federal regulations governing patient data–the Health Insurance Portability and Accountability Act, or HIPAA—won’t be the only rules with which the industry must contend, according to one legal expert. “Robert Belfort, health care law expert for Manatt Phelps & Phillips LLP, said at last month's Healthcare Stimulus Exchange that the dilemma that personal health record (PHR) services present has made adaptation necessary,” the magazine noted.
|
|
| 5.4.2010 |
Insurance News Net |
Consequences of Non-compliance with Payment Card Security Standards
Following the world's largest breach of payment card information last year, more attention was paid to existing regulations requiring merchants to prove their compliance with the Payment Card Industry - Data Security Standard (PCI-DSS). Experts recommend that businesses whose payment card transactions represent a significant part of their revenue stream have their PCI DSS compliance accurately assessed by accredited professionals with a comprehensive background in IT controls auditing and information systems security. The deadline for filing PCI-DSS compliance reports is October.
|
