Security Basics mailing list archives
Safe Harbor and Data Encryption
From: james () frymanet com
Date: Tue, 27 Jan 2009 14:55:57 -0700
Hello all. I am doing some research into the implementation of Safe Harbor for the company that I currently work at, particularly around the concept of the Security principal defined in Safe Harbor workbook. Given that the definition of 'Security' within the workbook is very broad and ambiguous, I am currently operating under the assumption that data encryption for PII within a US Safe Harbor is necessary only if a company in the EU uses encryption to protect data-at-rest. Two questions from the above statements: 1) Is that assumption safe, or would data encryption at rest be required regardless? 2) If the above is safe, how prevalent is data encryption for PII within European companies? Very interested in thoughts from the community on the above. Thanks! -James ---------------------- James Fryman james () frymanet com
Current thread:
- Safe Harbor and Data Encryption james (Jan 28)