Upcoming Events

Cloud Connect
Santa Clara
Feb 13-16, 2012

Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud computing industry. Learn about the latest cloud technologies and platforms from thought leaders in Cloud Connect’s comprehensive conference.

Register Now!

F E A T U R E

Feds Reach Out and Touch IT

July 10, 2003
By Sean Doherty

>> continued from previous page

FYI

	Issue TOC
	Print full article
	Print this page
	Download as PDF
	E-Mail this URL
	Discuss this article
	Flame the author

	In this article
	Introduction
	All in the Implementation
	Gramm-Leach-Bliley
	Whip Out the Crystal Ball
	HIPAA
	An Open Door Policy
	Sarbanes-Oxley
	Executive Summary
	Law vs. Regulation
	FYI
	With 1386, California Leads the Way
	Hospitals Get HIPAA
	Web Links
	Epoll Results

To help IT comply with new regulations, the government is drawing up guidelines in the form of three Federal Information Processing Standard drafts. The first, FIPS 199, aims to help enterprises classify risks as low, moderate or high for three security objectives: confidentiality, integrity and availability. You can find the draft at csrc.nist.gov/publications/drafts/FIPS-PUB-199-ipd.pdf; NIST is accepting public comments on the matter until August 14, 2003 (see csrc.nist.gov/publications/drafts/FIPS199-FRnotice.pdf). For the second piece of the series, NIST will offer guidelines to help agencies identify the types of information and information system appropriate for each category of data. For the third, NIST plans to specify the minimum sets of security controls for each defined category of information and information system.