|
|
sponsored by Information Security Magazine
|
|
|
Posted:
|
11 Feb 2007
|
|
Published:
|
01 Feb 2007
|
|
Format:
|
HTML
|
|
Length:
|
7
Page(s)
|
|
Type:
|
Journal Article
|
|
Language:
|
English
|
|
|
ABSTRACT:
Organizations sending data abroad must be prepared to comply with a slew of privacy and security regulations. U.S. companies doing business overseas face a quagmire of global regulations for keeping data private and secure. Take Verispan, a provider of health care information and services to the pharmaceutical industry. Gathering information on physicians around the world can be a time-consuming and cumbersome process due to regulatory requirements, says Scot Ganow, Verispan's corporate privacy and ethics officer. Not only does the company need to follow European Union privacy rules, which include providing clear notice to and obtaining verifiable consent from the physicians, but it must research and comply with any specific requirements of individual EU member countries. Even with consent, Verispan uses either EU-approved model contract clauses or Safe Harbor self-certification as extra compliance protection when transferring European personally identifiable data to the U.S.
|
|
|
Author
Jody R. Westby
CEO
,
Global Cyber Risk LLC
Jody R. Westby is CEO of Global Cyber Risk LLC and an adjunct distinguished fellow for Carnegie Mellon CyLab. She chairs the American Bar Association's Privacy & Computer Crime Committee.
|
BROWSE RELATED
RESOURCES
Data Security | European Union | Globalization | Privacy Rights | Regulatory Compliance
|
View All Resources
sponsored by Information Security Magazine
|
|
|
|
|
|
TechTarget provides enterprise IT professionals with the information they need to perform their jobs
- from developing strategy, to making cost-effective IT purchase decisions and managing their
organizations' IT projects - with its network of
|
|
|
Definitions:
|
|
 |
|
|
All Rights Reserved,
Copyright 2000 - 2007, TechTarget |
|
|
|
|
Free Newsletters