Execs Testify In Favor Of National Data-Security Law
Executives from Bank of America, ChoicePoint, and LexisNexis also explain what they're doing to protect customer data.
Executives from companies stung by losses or theft of customer information vowed Wednesday to do more to safeguard sensitive information and backed a federal law to require disclosure if customer data is compromised.
In prepared testimony for a hearing by the House Committee on Financial Services, executives from Bank of America, ChoicePoint, and LexisNexis supported legislation patterned after California's law requiring companies to notify customers about security breaches.
ChoicePoint Inc., the information broker whose disclosure of a security breach set off a furor over privacy and identity theft, favors existing laws such as the Fair Credit Reporting Act and the Gramm-Leach-Bliley Act, as well as a "pre-emptive" national law for notifying consumers when a breach has occurred, said Don McGuffey, senior VP for data acquisition and strategy.
In March, ChoicePoint discontinued the sale of information products that contain sensitive consumer data, including Social Security and driver's license numbers, except where there's a specific consumer-driven transaction or benefit, or where the products support government and criminal-justice purposes.
Reed Elsevier plc's LexisNexis division, which last month said data on 310,000 individuals might have been compromised, supports a national reporting law, as well as increased penalties for ID theft and increased resources for law enforcement, said Kurt Sanford, president and CEO for U.S. corporate and federal government markets. The company has tightened its security procedures, such as truncating Social Security numbers displayed in nonpublic documents and limiting access to full Social Security and driver's license numbers to law-enforcement agencies, banks, and other legally-authorized entities, Sanford said.
Bank of America, which disclosed that backup tapes containing customer and account information for 1.2 million government charge-card holders were lost in transit, has implemented corporatewide package-delivery carrier services for backup tape transport, said Barbara Desoer, global technology, service, and fulfillment executive. The bank, she said, favors a "national approach to information security guidelines."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.