TJ Maxx Settlement Requires Creation of Information Security Program and Funding of State Data Protection and Prosecution Efforts

Available at http://www.pillsburylaw.com/siteFiles/Publications/7F4F43B367B5276B0CFA6D13CFF4044C.pdf

Last week, TJX (the parent company of TJ Maxx and Marshalls) settled an action with 41 state Attorneys General arising out of a 2006 security breach affecting millions of credit cardholders. An information security program required by the settlement covers a significantly broader collection of information than the Payment Card Industry Data Security Standards (PCI DSS) and may serve as a de facto minimum standard for information security compliance. Also, the settlement’s funding of a Data Security Trust Fund anticipates future enforcement activities by the states and creates a precedent for states to look to future breaches as a source of continued funding.

About John Nicholson

I'm a transactional attorney who focuses on structuring and negotiating large outsourcing transactions (both on and offshore). As part of my work, I've specialized in:

- Structuring and negotiating large outsourcing transactions (both on and offshore) including IT outsourcing and various BPOs (including HRO, Facilities Management, Procurement, Finance and Accounting), large systems development and implementations;
- Assisting with development of RFPs, proposal evaluation, down select, and negotiation;
- US and European privacy laws, including US Safe Harbor, and state privacy and data breach notification laws; and
- Privacy, security, legal and contractual issues associated with cloud computing.

I'm a frequent speaker on outsourcing, privacy and security issues. Before becoming a lawyer, I was the acting IT director for a mid-size company prior to hiring the CIO and project manager for the company's Oracle Financials implementation.