Internet Threat Protection: It’s no longer just the right thing to do, it’s the Law!
Posted by Shanna Gordon on Wed, Nov 24, 2010
November 2010.
https://www.internet911.com/downloads/The-Case-for-Internet-Brand-Governance.pdf
A white paper titled: The case for internet brand governance, by Kevin Joy, Vice President, BrandProtect Inc.
This comprehensive white paper discusses the various legislative requirements around online Internet threat protection, including:
FTC Red Flags Rules
These rules require “Financials” and “Creditors” (a “Creditor” is defined as any company that provides a service for which it gets paid at a later date) to prepare an Identity Theft prevention program that includes monitoring, analysis and mitigation. “Regulations are quite clear on what constitutes ‘foreseeable threats’. Financial institutions must protect customers against substantial harm or inconvenience,” says Susan Orr, IT audit and regulatory compliance consultant and former federal examiner.
FINRA 10-6 rules
Covers compliance and regulatory considerations when using social networking sites to communicate firm business.
FDA (Food and Drug Administration)
The FDA has drafted guidelines addressing pharmaceutical companies’ use of Social Media (http://bit.ly/di01To). These include guidance on the responsibility for responding to user comments and disclosure requirements around the payment of bloggers in the promotion of drugs.
GLBA – Gramm-Leach-Bliley Act (Financial Services Modernization Act of 1999)
These provisions, geared to financial institutions, state that policies must be in place to protect customers from foreseeable threats in security and data integrity, including protection against “pretexting”. Pretexting, also referred to as ‘social engineering’, occurs when someone tries to gain access to personal information without the proper authority to do so.
HIPAA (Health Insurance Portability and Accountability Act of 1996)
HIPAA applies to health care providers and requires general security measures to guard against unauthorized disclosure of personal health information stored or transmitted electronically.
NFA Rule 2-29(h) (National Futures Association)
Provides guidance to firms that engage in radio/TV advertising and any online videos, tutorials, audio recordings, webinars and other types of electronic media which may discuss trading recommendations, profit targets, or general trading results, including their use of Social Media.
SOX (Sarbanes-Oxley Act of 2002)
SOX Section 404 requires publicly traded firms to perform a fraud risk assessment and evaluate controls to prevent or detect fraud.

Download white paper at https://www.internet911.com/downloads/The-Case-for-Internet-Brand-Governance.pdf