O'Reilly logo

Information Security Law: The Emerging Standard for Corporate Compliance by Thomas J. Smedinghoff

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 4. The Legal Standard for Compliance

The general obligation to provide security for data is often simply stated in the law as an obligation to provide “reasonable” or “appropriate” security designed to achieve certain objectives. In some cases, statutes and regulations define those objectives in terms of positive results to be achieved, such as ensuring the availability of systems and information, controlling access to systems and information, and ensuring the confidentiality, integrity, and authenticity of information.[1] In other cases, they define those objectives in terms of the harms to be avoided – e.g. to protect systems and information against unauthorized access, use, disclosure or transfer, modification or alteration, processing, ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required