09/24/2007 - A bill (H.R. 4127) that would require that companies protect the personal information of customers has been approved by the House Energy and Commerce Committee, the House Judiciary Committee, and the House Financial Services Committee. The bill has now been taken up by the full House. H.R. 4127 would require that any company that holds or transmits individuals’ personal information establish security to protect that information. The bill would also require that information brokers set up reasonable procedures to verify the accuracy of information they collect, assemble, or maintain. H.R. 4127 prohibits information brokers from obtaining or attempting to obtain personal information through false pretenses. The bill defines false pretenses as making false statements or representations or providing counterfeit, lost, stolen, or fraudulently obtained documents.
09/24/2007 - John Bumgarner, research director for security technology with the US-CCU, says that the idea for the checklist evolved because, despite the amount of industry-specific guidance (such as Sarbanes-Oxley and ISO standards), there was nothing aimed at nontechnical managers.
09/20/2007 - Recognizing that compliance with Sarbanes-Oxley is disproportionately costly for small companies, the Greater Boston Chamber of Commerce has called for the Securities and Exchange Commission to exempt small public companies from certain provisions of Section 404 of the statute. Section 404 requires public companies to put into place an internal control structure for financial reporting and to report annually on the structure’s effectiveness. That recommendation, and four others, can be found in A Fairer Climb: Improving Sarbanes-Oxley, available at SM Online.