A study commissioned by Microsoft Corp. and RSA, the Security Division of EMC, alleges that companies place too much focus on securing personal data such as customer, medical and financial information versus corporate data (trade secrets and other proprietary information). According to the report, this can cause irreparable damage to a company’s competitive edge. The

This week, the Supreme Court of New Jersey unanimously ruled on a novel issue of privacy law, holding that an employee has a reasonable expectation of privacy in e-mail communications with her attorney sent and received through a personal, web-based e-mail account even though the account is accessed on an employer-issued computer. In making its

The First Circuit Court of Appeals has ruled that, by accepting credit cards for payment, retailer TJX and its processing bank, Fifth Third, could have negligently misrepresented to credit and debit card issuers that their data security practices were in compliance with the security protocols established by VISA and MasterCard operating regulations. The First Circuit

On Friday, May 1, 2009, Heartland Payment Systems Inc. announced that it is again compliant with the Payment Card Industry Data Security Standard. In April 2008, a compliance audit determined that Heartland was PCI compliant but, sometime after that, Heartland fell out of compliance. In January 2009, the payment processor reported that it was

Next week, at a meeting of the Payments Processing Information Sharing Council, an organization created to share information about threats, risk mitigation and fraud, Robert O. Carr, chairman and chief executive of Heartland Payments Systems Inc., will discuss the company’s recent widely reported data breach. The Payments Processing Information Sharing Council is an offshoot of