I’m thankful to be able to have my own company of one to do what I enjoy so much with information security, privacy and compliance. I am also an active part of managing the farm business for my family. With these two businesses comes A LOT of paperwork, along with checks that must regularly be sent in to various government agencies.
Archive for July, 2007
Did You Know This About U.S. Bank Check Processing Compliance?
Friday, July 20th, 2007Privacy in the 21st Century: Show Your Creativity for Global Security Week!
Thursday, July 19th, 2007Global Security Week (GSW) is September 3rd through 9th.
The topic this year is “Privacy in the 21st Century.”
Norman Borlaug: A Great Role Model for the Power of One
Thursday, July 19th, 2007I have heard many information assurance (IA) professionals, when they are feeling frustrated, angry, or whatever other negative feelings we all have at one time or another, say what they are doing is not making a difference, or say they feel they are looked down upon by others in their organization as a “necessary evil.” They often feel that one person cannot make a difference.
UK Annual Privacy Report: Businesses Need To Give Individuals Access to Their PII, and More Awareness and Training Is Needed
Wednesday, July 18th, 2007An Exemplary Privacy Practice at a University
Tuesday, July 17th, 2007There are many…*MANY*…reports of privacy breaches and security incidents virtually every day. However, I think it is important to point out when organizations do something right with regard to privacy practices, particularly when they are uncommon compared to what other businesses do; perhaps other organizations will see their positive example and follow their lead.
Data Protection & Privacy Noncompliance Fines Increasing in France
Monday, July 16th, 2007The French Data Protection Authority (CNIL) made some interesting statements last week in their annual report, covering June 2006 through June 2007, about some fines they’ve given during the past 12 months for non-compliance with their data protection laws.
HIPAA Violation in Divorce Proceeding?
Friday, July 13th, 2007Privacy: Are You Sure You *REALLY* Have Nothing To Hide?
Thursday, July 12th, 2007During the past few years it has become more common to have phone records, purchase records, and other logged activities datamined and reviewed by various organizations, government agencies and law enforcement groups. One highly publicized example was when AT&T provided access to their customers’ phone records and Internet communications to the U.S. National Security Agency (NSA).
Carnegie Mellon’s Data Privacy Head Urges Development of New Privacy Technologies
Wednesday, July 11th, 2007I enjoy reading Scientific American Magazine. And I especially am interested in reading their articles that touch upon, or directly address, information security, privacy or compliance. It is always nice to see the views of practitioners, educators, researchers and others who are not on the typical information security circuit of publications.
Privacy Not Only Requires Securing PII, It Also Requires Keeping the Trust of Your Customers
Tuesday, July 10th, 2007Recently I was speaking with a client about a new Internet e-commerce application they were testing, and I asked them to give a demonstration. One of the questions I asked while watching was whether there were any ways in which someone could get information about customers’ orders. After doing some various tests, a screen popped up showing a database of names, item descriptions, and other information related to the orders. The billing information, such as credit card number, was *NOT* within this database, but the names and mailing addresses were; these were used for the indexing links to the database.
