The Anderson Report on Client Data Security: Table of Contents

Employee Malpractices
Employee Negligence
Theft of Equipment
External Attacks
Not Just in the U.S.
Not Always Customer Data!
Conclusion

Confidentiality Criteria
Integrity Criteria
Availability Criteria
Data Classification Groups

Scale Down—Keep Only What You Need
Lock it—Protect the Information
Risk Assessment
Policies and Procedures
Access Control
Network Security
Encryption
Change Control
Backup and Recovery
Anti-Virus
Physical Security
Personnel Security
Pitch—Proper Disposal
Disposing of Shredded Paper
Plan Ahead—Create a Plan to Respond to a Security Incident
Reporting Incidents
Types of Incidents
Classification of Incidents
Incident Analysis
Gathering Evidence
Corrective Action and Follow-Up
Trend Analysis

Background Checks
Confidentiality or Non-Disclosure Agreements (NDA)
Security Training
Anti-Virus
Encryption
Secure Network Access

Client Data Breach Insurance Coverage
Covered Causes of Loss
Employee Breaches
Media Type
Digitization Requirement
Regulatory Investigations
Professional Services
Identify Theft a Necessary Trigger?
General Liability Policy
Current Insurance Coverage Providers
Coverage Questions and Comparison
Contractual Risk Transfer

Gramm-Leach-Bliley (GLB) Act
Sarbanes-Oxley (SOx) Act
Health Insurance Portability and Accountability (HIPAA) Act
HITECH Act of 2009
State Security Breach Notification Laws
Summary of the State Laws' Provisions

» Alabama

» Alaska

» Arizona

» Arkansas

» California

» Colorado

» Connecticut

» Delaware

» District of Columbia

» Florida

» Georgia

» Hawaii

» Idaho

» Illinois

» Indiana

» Iowa

» Kansas

» Kentucky

» Louisiana

» Maine

» Maryland

» Massachusetts

» Michigan

» Minnesota

» Mississippi

» Missouri

» Montana

» Nebraska

» Nevada

» New Hampshire

» New Jersey

» New Mexico

» New York

» North Carolina

» North Dakota

» Ohio

» Oklahoma

» Oregon

» Pennsylvania

» Puerto Rico

» Rhode Island

» South Carolina

» South Dakota

» Tennessee

» Texas

» Utah

» Vermont

» Virginia

» Virgin Islands

» Washington

» West Virginia

» Wisconsin

» Wyoming

Glossary of Security Terms
ACT Webinar: Protecting Independent Agent Clients with Secure E-mail Using TLS
The Business Case for Improved Password Workflows within the Real-Time Environment
Protect your Clients with Secure E-mail using TLS
ACT TLS—Frequently Asked Questions
Insurance Carriers Enabled for TLS Email Encryption for their Agencies
Insurance Coverage Information

» ACE

» AIG

» Beazley

» Chubb

» CNA

» ERisk

» Hartford

» MediaPro

» NAS