Privacy Advisor

TRUSTe Releases New Data Security Guidelines That Include Resources For Planning And Executing Breach Response

November 1, 2005

TRUSTe has issued a new set of data security guidelines to help companies evaluate new or existing data security policies.

The guidelines are available to more than 1,300 TRUSTe privacy seal-holding companies and other organizations committed to responsible handling of private information.

"Security best practices will always be a moving target as technology, laws, behaviors and threats change," said Fran Maier, Executive Director and President of TRUSTe. "A responsible offer of security best practices must include an expiration date or the promise of regular review. Data security is inextricably linked to privacy. Companies that consider themselves respectful of customers' privacy-related rights need to evaluate their security policies regularly and reinforce them where needed."

The guidelines take companies through a comprehensive list of issues, recommending policies based on factors including company size and the type of data that needs protection. TRUSTe introduced the first set of security guidelines in April 2005. The new guidelines reflect TRUSTe's response to legislative efforts and contributions by the Office of California Privacy Protection, Ernst & Young, ChoicePoint, Watchfire and Dr. Larry Ponemon.