Archive for December, 2006

Laptop Theft: PII About 1,000 W.Va. Air National Guard Members

Wednesday, December 6th, 2006

A report in the Air Force Times indicates a laptop containing personally identifiable information (PII) about 1,000 West Virginia Air National Guard members was stolen during a training trip in November. The spokesperson for the Air National Guard indicated:

“The Air Force uses some of most sophisticated encryption processes to safeguard information on government computers”

…implying the data on the laptop was encrypted, but not coming right out and saying it was.

(more…)

FTC Report on FACTA Effectiveness: Highlights the Need for Better Data Accuracy Practices

Tuesday, December 5th, 2006

Today the FTC released their report, “Second Interim Report of the Federal Trade Commission to Congress Under Section 319 of the Fair and Accurate Credit Transactions Act of 2006.”
Before I comment on the report, as an interesting aside, one of the authors of the report, Chairman Deborah Platt Majoras, was named of of 2006’s “Top 5 Influential IT Security Thinkers” in the December 2006 issue of SC Magazine, but I don’t see this issue on their site yet.

(more…)

FTC Report on FACTA Effectiveness: Highlights the Need for Better Data Accuracy Practices

Tuesday, December 5th, 2006

Today the FTC released their report, “Second Interim Report of the Federal Trade Commission to Congress Under Section 319 of the Fair and Accurate Credit Transactions Act of 2006.”
Before I comment on the report, as an interesting aside, one of the authors of the report, Chairman Deborah Platt Majoras, was named of of 2006’s “Top 5 Influential IT Security Thinkers” in the December 2006 issue of SC Magazine, but I don’t see this issue on their site yet.

(more…)

Oracle Releases New Application Data Safeguard Standards

Monday, December 4th, 2006

On 11/28 Oracle released new technology standards for safeguarding data throughout the applications data flow called the Identity Governance Framework (IGF). CNET news reported on it November 30. The article points out that such standards would help prevent data leaks and also contribute to regulatory compliance.

(more…)

Security OOPS! PII For School Employees Accidentally Mailed by School’s Contractor

Friday, December 1st, 2006

On November 27 the Chicago Tribune reported:

“A printing contractor for the Chicago Public Schools said Sunday that it mistakenly mailed a list of names, Social Security numbers and home addresses of nearly 1,740 former school employees as part of a packet of health-insurance information to them.”

Oops! Another privacy breach resulting from a combination of human error and actions by an outsourced vendor.

(more…)