Skip to Content

Welcome to InfoSecCompliance.com

InfoSecCompliance LLC (”ISC”) is a law firm dedicated to providing solutions for privacy and security legal compliance and risk management, including:

  • assisting clients with the developmment of security and privacy policies and practices that are consistent with regulatory requirements
  • developing contracting procedures and terms that dicate the privacy and security duties between organizations sharing sensitive information or system access
  • analyzing insurance coverage for privacy and security risk and providing guidance on and access to the products that insure against such risk

Latest News from the Blog

TJX Settles with State Attorneys General for $9.75 Million - July 2, 2009

The TJX breach saga came a little closer to an end (excluding of course the still-pending case being pursued by a couple of issuing banks) with the announcement of a settlement with 41 State attorneys general that brought actions under their State’s respective consumer fraud and deceptive practices laws (a copy of the settlement document can be found: HERE). This is a summary of the TJX settlement.

{read more}

Merrick Bank v. Savvis Update: Savvis Files Motion to Dismiss - June 23, 2009

As reported previously, the CardSystems security breach has resulted in a lawsuit brought by a merchant bank (Merrick Bank) against CardSystem’s security assessment company (Savvis). The suit alleges that Savvis negligently certified CardSystem’s security as compliant with Visa’s Card Information Security Program (”CISP”), and negligently represented that CardSystems was compliant. Earlier this month Savvis filed a motion to dismiss this case. This post summarizes and explores that motion.

{read more}