Program Helps Businesses Comply with State and Federal Data Privacy Legislation
CHICAGO (May 6, 2010) - Trustwave, a leading provider of information security and compliance solutions, has launched a first-of-its-kind Data Privacy Program comprised of security services that help businesses protect their customers' personally identifiable information (PII) and other sensitive data.
Organizations in specific industries have long been subject to compliance mandates, such as the Payment Card Industry Data Security Standard (PCI DSS) and Health Insurance Portability and Accountability Act (HIPAA), requiring them to protect sensitive data. New data privacy legislation broadens that scope to all businesses that receive, store or have access to PII, which is sometimes defined simply as a person's name and driver's license number. Data privacy laws already exist in 46 states and legislation designed to protect PII is currently pending on the federal level. Securing sensitive consumer data has become a required ongoing process, including businesses that do not handle credit card information or other sensitive financial data.
The cost of protecting PII is significant, with businesses that experience a breach often incurring the direct expenses of public notification, additional customer service burdens and credit monitoring for affected consumers. Indirect costs such as brand damage can result in loss of business and deterioration of market value. However, recent industry analyst reports have shown that the implementation of a data protection program can cost less than two percent of the expense of containing a data breach once it has occurred. Trustwave's Data Privacy Program is the first such data protection offering specifically designed to help organizations protect PII.
"Our compliance engagements and forensic investigations reveal that many organizations do not know where sensitive data is stored within their environment," says Robert J. McCullen, chairman and CEO of Trustwave. "Trustwave's program is a comprehensive approach that will help implement key security initiatives to facilitate data management and protect sensitive data to help ensure the business is meeting data privacy regulations."
The Trustwave Data Privacy Program helps businesses and organizations establish and maintain a compliance program that meets data privacy requirements. To help protect organizations from breach-related expenses, the program offers the following for large and small businesses:
- Assistance in developing applicable security policies for the protection of personal information
- Discovery and classification of personal information stored in the corporate environment
- Encryption of personal information at rest and in transit
- Identification of asset vulnerabilities
- Employee education regarding computer system and personal information security
The Trustwave Data Privacy Program is structured to protect the information handled by all types of businesses and organizations, regardless of the manner in which personal data is stored or transmitted. Key components of Trustwave's program focus on Physical Data Privacy (PDP) and Electronic Data Privacy (EDP) and include the following options:
- PDP - protects entities that maintain PII physically, but do not store or transmit such information electronically
- EDP Core - protects entities that store PII electronically
- EDP Mobile - protects PII stored electronically on mobile devices
- EDP Transport - protects PII electronically transported over public networks
"I'm proud of our role as pioneers in the evolution of data protection - there's not another program like this in the marketplace," says McCullen. "This is really just another demonstration of Trustwave's commitment to delivering security and compliance solutions that solve real world problems for our customers."
Trustwave recently hosted a webinar that provided more detail about its Data Privacy Program. To access a copy of that webinar for your review, please click here.
About Trustwave
Trustwave is a leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper® compliance management software and other proprietary security solutions including SIEM , WAF , EV SSL certificates and secure digital certificates . Trustwave has helped hundreds of thousands of organizations-ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers-manage compliance and secure their network infrastructures, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia. For more information, visit https://www.trustwave.com/en-us/.