Today, more than ever, organizations have to cope with increased concerns regarding privacy issues. These concerns are not limited to consumer fears about how information collected by Web sites will be used or misused. They also involve broader issues, including data collected for direct response marketing, privacy of financial and health records, identity theft, and fraud. Employees are raising questions about acceptable use of phones, e-mail, and the Web, and about if and when employers can monitor that use. Employers find that without policies governing use of these assets, they have no legal basis for action against employees.
The Privacy Papers: Managing Technology, Consumer, Employee, and Legislative Actions is a book for C-level executives, IT managers, HR managers, security officers, privacy officers, and legal professionals. It covers all aspects of technology and legislation that enable privacy and also those that place it at risk. This how-to guide presents sample policies for employee training, awareness, and acceptable use; covers why companies must protect data and how to do it; describes the technology that makes information more private; and lists and summarizes major federal and international privacy legislation.
Corporate espionage can put sensitive company information such as intellectual property, product development, marketing plans, and customer files at risk. With the ever-increasing legislation concerning privacy, it is important for executives to stay up to date. The Privacy Papers will ensure that any company conducting business domestically or internationally will understand how policies governing use of its assets will affect daily operations.
Table of Contents
BUSINESS ORGANIZATION ISSUES
Customer Web Privacy Policies
Education and Awareness Training
Keeping Personal Information Private
Attorney-Client Privilege and Electronic Communications
Auditing and Privacy
Anonymous Internet Activity
E-Commerce and Confidentiality Issues
Information Security and Privacy Officer Roles
Criminal Internet Activity
Legal Primer for ISPs
TOOLS AND RELATED TECHNOLOGY
Encryption and Cryptography
Cookies and Profiling
Monitoring and Content Filtering
Data Mining and Customer Retention Management
Third-Party Assurance Privacy and Security Certifications
UNITED STATES OF AMERICA LAWS AND ISSUES
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
Gramm-Leach-Bliley Act (GLB) (1999)
Overviews of other U.S. Privacy-Related Laws and Regulations
Bills Under Consideration
Government Surveillance on the Internet
INTERNATIONAL LAWS AND ISSUES
European Union Data Protection Directive (1995)
Lists and Overviews of Other International Laws, Regulations, and Issues
About the Editor
"…a timely and invaluable sourcebook on privacy issues from A to Z…crafted by Rebecca Herold, CISSP, CISA, and FLMI, a highly respected and experienced information security professional…Herold's contributors read like a Who's Who list of information security professionals…a rich, timely, and essential resource."
Computer Security Alert, November 2001