The Aegenis Group recently introduced the Aegenis Regulatory Intelligence Service (ARIS) to help companies monitor and analyze legislative trends and industry requirements that affect information security.
ARIS will offer news alerts and weekly summaries. The service will include expert analysis by Aegenis vice president Heather Mark, PhD, CISSP, CIPP.
"As the industry has evolved, we have seen more and more companies that want to proactively monitor forthcoming legislation. With this service we address \[the\] need to know what may be happening in the future and offer them Dr. Mark's expert analysis. Her perspective represents the intersection of security and compliance." said Michael Dahn, executive vice president and founder of Aegenis Group. "\[ARIS lets companies\] maintain a watch on regulation without having to devote internal resources to the matter."
Earlier this year Minnesota became the first state to make PCI compliance state law. Minnesota's law, which took full affect August 1, 2007, disallows merchants from keeping a card's security code and the full contents of magnetic stripe data after a transaction is authorized, except for debit transactions where such data can be stored for up to 48 hours. The law also makes merchants responsible for any data breach regardless of the cause, including if a breach takes place at a merchant's service provider of choice.
FACTA, a federal law that took effect on December 4, 2006, limits what data can be printed on credit card receipts, lets consumers obtain a copy of their credit report, and helps consumers defend themselves against identity theft by placing fraud warnings on their report, among other things.