Europe plans new data breach rules

Cath Everett explores the implications of tougher data breach rules proposed by the European Commission
The European Union is planning to make it mandatory for all businesses to notify customers should the security of their personal information be breached.
The proposal is part of an overhaul of EU data protection legislation that was first introduced in 1995. At the recent data protection and privacy conference hosted by the British Banking Association in London, European justice commissioner Viviane Reding said, “I intend to introduce a mandatory requirement to notify data security breaches – the same as I did for telecoms and internet access when I was Telecoms Commissioner, but this time for all sectors, including banking and financial services.”
Recent high-profile security breaches and hacker attacks at Sony and Sega have turned data protection into a political issue. The philosophy behind the proposed reforms to the directives that govern this area was to create a stronger incentive for businesses to undertake risk assessments and put in place measures to protect the confidentiality, integrity and availability of personal data.
Reding also wanted to protect personal data in the Cloud, even though it was widely claimed that such regulation was impossible.
“I am considering the inclusion of the ‘accountability principle’ in my reform so that data of citizens exported to third countries is always exported with their rights attached,” she said.
This article is based on a report that was originally published by MyCustomer.com.


Data Centres used by cloud accounting software vendors
A really good and relevant article in the era of cloud computing.
The article brings to attention the need for accountants to also ask cloud software vendors questions about security of their clients’ data, when they are assessing accounting software on behalf of their clients.
Data Centres used by reputable cloud software vendors to store their database should be ISO 27001 accredited. ISO 27001 is the international auditable standard for an Information Management Security System.
Dalbir
Arithmo Accounting Software