Must read: Why aren't businesses doing more to protect your data from identity thieves?
Data security has been a hot topic in the news lately. Citibank, Washington Mutual, OfficeMax and other businesses have been facing a major international debit card security breach impacting as many as 600,000 bank accounts. Not only is data fraud bad for consumers, but it is also expensive and damaging to businesses. So why aren't credit card companies doing more to prevent fraud?
According to an article in eWeek today, Visa and MasterCard have security regulations for their retail partners in place. They just haven't been enforcing the regulations:
Visa calls these new guidelines CISP (Cardholder Information Security Program), and MasterCard calls them PCI (Payment Card Industry) Data Security Standard.
According to a recent Wall Street Journal story (subscription required), Visa says that only 17 percent of 231 large merchants have complied with CISP, and another 75 percent have filed a plan for doing so.
If Visa and MasterCard start to put the pressure on retailers to comply with these security regulations, consumers could see their data been managed in a much safer manner. Basic levels of encryption, passwords and virus protection would become mandatory for all businesses.
What do you think about these security measures? Does it make sense to have data protection regulation come from Visa and MasterCard instead of from legislators? How do you think these rules will impact small businesses? Share your feedback in the comments section below.
I'm trying to figure out why new measures need to be taken when they already have policies in place. Do we need more laws and regulations? Or do we just need existing ones to be enforced? I vote for the latter.
Posted by: Emma | March 17, 2006 at 07:40 AM
Enforcing the existing laws would be an excellent first step!
Posted by: EmilyPeters | March 17, 2006 at 10:48 AM