What solutions were considered by MasterCard and the other companies that are dealing with this problem? Were the solutions appropriate?

Some solutions that were presented include stronger methods of customer identification, dedicated security staff, and improving internal controls so that employees cannot access any files not relevant to their jobs. Using complex passwords, smart cards, tokens, and biometric devices would strengthen password protection and strengthen their control over the data. The problem is though that these solutions cost money and many companies are not willing to spend the money to better protect their data unless there is some financial return.

Legislation is another way that can help protect consumer data nationwide and not just within certain companies. One data security expert believes that applying the Sarbanes-Oxley Act to personal data security would be a good solution and force companies to pay fines each time an account is lost. In New York, the democratic senator Charles Schumer proposed an Office of Identity Theft operating under the Federal Trade Commission. The office would set the minimum security standards for any companies handling sensitive personal data and fine the companies failing to uphold the standards. In Florida, senator Cliff Stearns proposed a similar bill that would require companies to create written data security policies.