CIOs today find themselves having to navigate a changing landscape of new legislative and regulatory directives that affect IT and business. Sarbanes-Oxley, Gramm-Leach-Bliley, HIPAA regulations and the USA Patriot Act all force CIOs to reexamine data and customer privacy policies, security controls and data accessibility. In many cases, they also require significant new investments in information infrastructures in order to comply.To help CIOs through this growing field of legislative land mines, CIO is launching a new series, “Playing By New Rules: Your Risks and Responsibilities.” The first article in the series, “What to Do When Uncle Sam Wants Your Data,” by Staff Writer Ben Worthen, focuses on the implications of the Patriot Act?in particular, Section 215, which addresses requirements for sharing data and records with federal agents involved in terror investigations.Most conscientious citizens are eager to help the government in its fight against terrorism. In fact, in a survey of almost 800 security professionals by CIO’s sister publication, CSO, 41 percent of respondents said they were willing to share information about their customers, employees or business partners with government or law enforcement agencies without a court order if they believed it was in the interest of national security. SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe But that approach can land you in court, as the safe harbor provision applies only to companies that receive a court order. Besides, laws can be repealed. But once you’ve broken trust with your customers, do you really expect to get them back? In a recent speech to privacy professionals, Richard Armey, the former Republican House Majority Leader from Texas, urged businesses not to roll over to law enforcement when it comes to customer information. “Every bit of it was given to you by someone who trusted you to handle it responsibly, on a contractual basis, explicit or otherwise,” he said. “I take it as your responsibility to protect data against the coercive intrusions of government.”To find out how the new antiterrorism laws will affect you, how to shield your company from potential litigation and bad publicity, and what infrastructure improvements might be required, please turn to Page 56. The next article in the series will address the implications of the Sarbanes-Oxley Act. Look for it in our May 15th issue. Related content feature Mastercard preps for the post-quantum cybersecurity threat A cryptographically relevant quantum computer will put everyday online transactions at risk. Mastercard is preparing for such an eventuality — today. By Poornima Apte Sep 22, 2023 6 mins CIO 100 CIO 100 CIO 100 feature 9 famous analytics and AI disasters Insights from data and machine learning algorithms can be invaluable, but mistakes can cost you reputation, revenue, or even lives. These high-profile analytics and AI blunders illustrate what can go wrong. By Thor Olavsrud Sep 22, 2023 13 mins Technology Industry Generative AI Machine Learning feature Top 15 data management platforms available today Data management platforms (DMPs) help organizations collect and manage data from a wide array of sources — and are becoming increasingly important for customer-centric sales and marketing campaigns. By Peter Wayner Sep 22, 2023 10 mins Marketing Software Data Management opinion Four questions for a casino InfoSec director By Beth Kormanik Sep 21, 2023 3 mins Media and Entertainment Industry Events Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe