Stronger Credit Card Security Prevails In Minnesota, Fails In Texas
The two states wrangle with the laws surrounding the Payment Card Industry data security standard.
It looks like Texas won't be the first state to pass a law that codifies the personal data protections outlined in the Payment Card Industry (PCI) data security standard.
As the Texas state Senate was this week shooting down a bill that would require businesses that collect personal information to use PCI to secure sensitive personal data, the Minnesota legislature passed its Plastic Card Security Act.
Minnesota becomes the first state to create a law that shifts the costs associated with data breaches from financial institutions to the retailers who mishandle consumers' private financial data. The law, which passed by votes of 122-4 and 63-1 in the House and Senate, respectively, also gives retailers added incentive to protect consumers' information.
It's fitting that Minnesota is the first state to come down on retailers and merchants who are sloppy with customer data. It's been reported that the compromise of TJX Companies' customer records, which have already led to numerous cases of fraud in Florida and other places, originated when thieves hacked into a wireless network at a Marshalls store near St. Paul. TJX is the parent company of Marshalls, TJ Maxx, and other retailers.
The Texas legislature's attempts to get businesses to comply with PCI by law started auspiciously when earlier this month the state's House of Representatives unanimously approved a bill (139-0) compelling businesses to better protect and safeguard sensitive personal information contained in its customer records. The measure fell short this week when the state Senate left the bill pending in its Business and Commerce committee, effectively killing its chances of being passed.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.
InformationWeek Tech Digest, Nov. 10, 2014Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?