Cut From the Same Cloth as PCI DSS


Finally, some good news about CCPA: If you’ve built your security infrastructure to PCI DSS standards, you may already be covered by California’s new data protection rules.
Feeling a little frantic about implementing the California Consumer Privacy Act (CCPA)? The good news is that you may already be in compliance since many of the same protections are already embedded in the PCI DSS law enacted in 2006.
Effective Jan. 1, CCPA applies to any organization that collects and processes personal data on California residents. The CCPA conveys new rights regarding personal information and imposes new data protection responsibilities on organizations operating in the state, or those conducting business that involves California citizens.
It is highly likely that you are already conducting business that involves California residents, which makes CCPA compliance mandatory. Microsoft, for one, has pledged its obedience to the law, and will be using CCPA as a framework across all US operations.
But depending on your line of business, your organization may have already implemented data privacy and protection regulations and practices that satisfy certain CCPA requirements. Here are two aspects of CCPA that focus on privacy of personal information and data protection that are comparable to PCI DSS:
CCPA describes personal information as any data that directly or indirectly identifies a particular person or household, while PCI DSS focuses primarily on payment cardholder data. CCPA compels organizations to implement and maintain “reasonable security procedures and practices” to protect the personal information. PCI DSS provides more depth, such as rendering the cardholder data unreadable anywhere it’s stored and encrypting the transmission of cardholder data across networks (both are considered reasonable best practices by IT security professionals). If these are not addressed, serious fines could be handed out by California regulators, or the company could be taken to court by ..
