I recently blogged about “6 “Scary Stuff” Privacy Terms IT, Info Sec and Privacy Folks Should Know.”
I was very pleasantly surprised to hear from Dr. Michael G. Michael and his wife Dr. Katina Michael a couple of days ago about the post! (Thank you Michael and Katina!) They provided some additional very interesting information about the term “√úberveillance.” With their permission, here is a large portion of the message they sent to me:
Posts Tagged ‘SSN’
More On √úberveillance And Privacy
Thursday, January 3rd, 2008Tags:ambient technology, awareness and training, Dr. Katina Michael, Dr. Michael G. Michael, employee privacy, employee tracking, GPS tracking, Information Security, IT compliance, policies and procedures, privacy, privacy law, RFID, risk management, security awareness, security training, social security number, SSN, uberveillance
Posted in Privacy and Compliance | No Comments »
Responding To Customers Asking About Your Company’s Use of SSNs
Wednesday, December 19th, 2007For the past 10 years I have been driving the same, reliable, non-troublesome car. It still looks good enough (I don’t really worry about driving an “it” kind of car). However, it is getting a bit rattly, and my friends have been increasingly giving me a hard time about continuing to drive it past the 200,000 mile mark. I never really cared much until my starter went out a couple of months ago. I wondered, what if this had happened to me while I was in a neighboring state at a client site? Sure, I have AAA, but it would still be a hassle. So, I decided if I saw a car I really liked and that had all the features I wanted, I would splurge and get a new car.
Well…I just happened to find a car I absolutely loved after seeing and driving it. I was at the dealer paying for it yesterday, and the sales person asked for my Social Security Number (SSN).
Tags:awareness and training, FERPA, GLBA, HIPAA, identity theft, Information Security, Iowa law, IT compliance, personally identifiable information, PII, policies and procedures, privacy, privacy policy, risk management, security awareness, security training, social security number, SSN
Posted in Privacy and Compliance | 1 Comment »
Personnel Privacy, New I-9 Forms, Removal of SSN Requirements and IT Involvement
Sunday, November 18th, 2007Early this year I did a data flow analysis for I-9 compliance, and I blogged a few months ago about I-9 related issues in “New Tennessee Law Prohibits Using Federal Individual Taxpayer ID as Proof of Immigration Status.”
I-9 compliance issues impact many areas of an organization. However, within most organizations many areas, such as IT and information security, are not aware of the I-9 compliance issues and unknowingly put the company at noncompliance jeopardy. Compliance with any law or regulation that involves personally identifiable information (PII) usually require the involvement of legal, IT and information security areas.
Tags:awareness and training, DHS, employment issues, I-9 forms, Illegal Immigration Reform and Immigrant Responsibility Act of 1996, Information Security, IT compliance, policies and procedures, privacy, risk management, security risk, security training, social security numbers, SSN, U.S. Citizenship and Immigration Services
Posted in Laws & Regulations | 1 Comment »
Personnel Privacy, New I-9 Forms, Removal of SSN Requirements and IT Involvement
Sunday, November 18th, 2007Early this year I did a data flow analysis for I-9 compliance, and I blogged a few months ago about I-9 related issues in “New Tennessee Law Prohibits Using Federal Individual Taxpayer ID as Proof of Immigration Status.”
I-9 compliance issues impact many areas of an organization. However, within most organizations many areas, such as IT and information security, are not aware of the I-9 compliance issues and unknowingly put the company at noncompliance jeopardy. Compliance with any law or regulation that involves personally identifiable information (PII) usually require the involvement of legal, IT and information security areas.
Tags:awareness and training, DHS, employment issues, I-9 forms, Illegal Immigration Reform and Immigrant Responsibility Act of 1996, Information Security, IT compliance, policies and procedures, privacy, risk management, security risk, security training, social security numbers, SSN, U.S. Citizenship and Immigration Services
Posted in Laws & Regulations | 3 Comments »
5-Point Checklist for Info Sec and Privacy Pros to Use for Data Protection and Privacy Law Compliance
Sunday, October 28th, 2007One of the basic privacy principles is to limit the collection of personally identifiable information (PII) to only that which is necessary for the business purpose for which it is being collected. These privacy principles, built largely around the OECD privacy principles, are the basis for most data protection and privacy laws throughout the world.
Tags:awareness and training, ID theft, identity theft, Information Security, IT compliance, OECD, PCI DSS, policies and procedures, privacy, privacy principles, privacy training, risk management, security training, SSN
Posted in Information Security, Privacy and Compliance, Training & awareness | No Comments »
Social Security Number No Match Rule: Employers Will Need to Prove Compliance
Monday, August 20th, 2007The new U.S. Social Security number (SSN) No Match Rule was published August 15 in the Federal Register. You can also see it here.
This new regulation provides directives for the letters the U.S. Social Security Administration (SSA) issues to employers when the SSA discovers that an SSN does not match the information provided by the employer.
Tags:awareness and training, Department of Homeland Security, DHS, Information Security, IT compliance, no match letter, no match rule, PII, policies and procedures, privacy, risk management, social security administration, social security number, SSA, SSN
Posted in Laws & Regulations, Privacy and Compliance | 1 Comment »
