Posts Tagged ‘privacy awareness’

HIPAA Requirements Changes & Business Associates Impacts From HITECH Act

Monday, April 20th, 2009

Last week I engaged in a very interesting tweetversation with David Mortman about when the U.S. Department of Health and Human Services (HHS) needs to get their guidance documents and rules published for the various HITECH Act requirements…

(more…)

2 Things In Computing History That Could Have Improved Information Security and Privacy

Friday, April 17th, 2009

This past Wednesday I gave a session at Infosec09 in Omaha, Nebraska.
What a great event and venue! If you get a chance to attend next year, I highly encourage you to do so.

(more…)

2 Things In Computing History That Could Have Improved Information Security and Privacy

Friday, April 17th, 2009

This past Wednesday I gave a session at Infosec09 in Omaha, Nebraska.
What a great event and venue! If you get a chance to attend next year, I highly encourage you to do so.

(more…)

Pointers to interesting & useful information security, privacy & compliance info

Monday, April 13th, 2009

I’ve been using Twitter for a couple of months now. I never saw the value of using Twitter before this time, and in fact had a completely different view of what it was “all about” until I actually started using it. I’m so glad I did! I’ve found it to be a very valuable communications tool, and I’ve made some wonderful new contacts and friends, from all over the world, through using it.

(more…)

You aren’t in Kansas anymore, ToTo…you’re in virtual Kansas!

Thursday, April 9th, 2009

Oh; and, by the way, what the heck are virtual worlds? Aren’t they something that only kids use?

(more…)

Measuring The Effectiveness of Information Security & Privacy Awareness & Training

Wednesday, April 8th, 2009

I’m a longtime advocate of creating a wide range of metrics to determine the effectiveness of the various components of information security, privacy and compliance programs.

(more…)

Privacy Breach Lesson: Encrypt Mobile Digital PII!

Monday, April 6th, 2009

Once more, here is an example of how carelessness and/or a mistake leads to a privacy breach…

(more…)

What Corporate Business Leaders Need To Know About Data Protection

Friday, April 3rd, 2009

The first chapter of my new ebook, “Understanding Data Protection from Four Critical Perspectives” has been published!
The first chapter is “What Corporate Business Leaders Need To Know About Data Protection” and is written to an audience of CEOs and other executive business leaders who may not have an IT or information security background. I wrote this chapter for information security and privacy practitioners and officers to be able to give to their executive business leaders to help them understand data protection and compliance better, in addition to helping to get them to sponsor data protection efforts.
Here’s the introduction to the chapter, which also provides an overview of the book:

(more…)

Pros & Cons Of Surveillance Cameras For Compliance

Thursday, April 2nd, 2009

We had a very interesting discussion on Twitter this morning about the practice of automatically photographing license plates to use for parking, tickets, etc…

(more…)

Ongoing Awareness Communications and Regular Training Are Necessary For Effective Information Security & Privacy Programs

Wednesday, April 1st, 2009

Scott Wright over at Streetwise Security Zone graciously invited me to do a podcast interview with him to discuss information security, privacy and compliance training and awareness issues. In the last half of February I had the pleasure of taking him up on his invitation!
You can hear the full podcast here.
Here are the notes Scott compiled about our discussion topics:

(more…)