Security Slideshow: 10 Legislative Trends to Watch in 2011

Financial Reporting

Financial reporting via XBLR will accelerate and CIOs will further enable XBRL throughout financial reporting systems in order to reduce data format conversion errors, says Gartner Research VP Joseph Bugajski.

Dodd-Frank Act

Businesses will feel growing pressure to improve customer verification and master-data systems—and tighten existing controls—in the wake of the Dodd-Frank Wall Street Reform and Consumer Protection Act. This includes reduced variability in business reporting systems.

Risk Reporting

Government pressure to introduce anti-money laundering and anti-terrorist initiatives will increase—partly as a result of Dodd-Frank. Corporate boards will impose new mandates about recognizing and reporting risk, according to Gartner's Bugajski.

Digital Rights Management

Digital rights management, once the sole domain of music recording companies and their publishers, is moving into the corporate mainstream. Smart CIOs will use these to implement controls over mobile content as well as to protect copyrighted and patented material.

Data in Motion

Businesses will face increasing liability issues resulting from employees and contractors carrying and moving data from the inner sanctum of corporate data centers to interconnected servers and via a mobile, wireless infrastructure. As a result, endpoint security will take on greater importance than ever.

Social Media

Enterprises will confront growing liability issues posed by social networking sites. Blocking access to these sites is increasingly difficult from a practical standpoint. Solutions will include digital rights management, data loss prevention and other control tools.

Location-Based Services

Location-based services and GPS data that provide personally identifiable information about employees will force organizations and CIOs to implement controls and policies over how data is collected and how it is used.

Health Information Trust

The Health Information Trust Alliance (HITRUST) will pressure healthcare providers to adopt a Common Security Framework (CSF) that provides a secure environment for creating, accessing, storing and exchanging personal health and financial information.

HITECH

The Health Information Technology for Economic and Clinical Health Act (HITECH), signed into law in February 2009, will push healthcare providers to adopt new and improved IT practices, software and systems.

Data Breach Notification Laws

At present, 46 of 50 U.S. states have data breach notification laws in place. A national law is imminent. A likely candidate: The Data Accountability and Trust Act, passed by the U.S. House and now before the Senate. It would require businesses engaged in interstate commerce to provide notification of breaches to affected consumers.