On February 15 the Senate Homeland Security and Governmental Affairs Committee approved legislation with provisions to strengthen President Bush’s Privacy and Civil Liberties Oversight Board. The provisions were part of a bill, the “Improving America’s Security Act of 2007” (S. 4), aimed at implementing unfulfilled recommendations of the 9/11 Commission. Full text of the 227-page S. 4 bill is available online.
Archive for the ‘Laws & Regulations’ Category
Legislation Passed to Strengthen Bush’s Privacy and Civil Liberties Oversight Board
Tuesday, February 27th, 2007U.S. Privacy Related Bills Introduced February 15 & 16
Monday, February 26th, 2007Before the U.S. House adjourned Febuary 16 and the Senate adjourned February 17 for a week-long recess, they submitted some bills with privacy impacts.
U.S. Privacy Related Bills Introduced February 15 & 16
Monday, February 26th, 2007Before the U.S. House adjourned Febuary 16 and the Senate adjourned February 17 for a week-long recess, they submitted some bills with privacy impacts.
Laptop Theft: Financial Company Given $1.9 Million Penalty Following Incident for Inadequate Security Program
Tuesday, February 20th, 2007For the first time, the United Kingdom financial regulators, the U.K. Financial Services Authority (FSA), gave a financial institution, the Nationwide Building Society, the U.K.’s largest “building society” (a member-owned mortgage lending and banking services institution) a penalty for poor data security, issuing a ¬£980,000 ($1.9 million) fine based on their response to the 2006 theft of a laptop computer containing sensitive customer data according to a February 14 notice from the FSA.
Privacy: How to handle individual access requests in the UK in compliance with the Data Protection Act
Friday, February 16th, 2007In many countries, such as in all 25 of the European Union states and within Canada, just to name a few, individuals have the legal right to request from organizations a verification of whether or not the organization has information about him or her, and organizations must provide to individuals, upon their request, a copy of their corresponding personal information in an easy-to-understand format, within a reasonable period of time from the request.
HSPD-12 and U.S. Government Agency Authentication and Access Controls
Wednesday, February 14th, 2007Creating technologies that authenticate users with a high degree of confidence has always been a challenge, not only because of the typical complexity of the systems, but also because of the amount of confidence that must be placed within the end-user to appropriately secure his or her own user authentication information, most commonly the user ID and password.
Over the past several years the U.S. Government Accountability Office (GAO) has identified the historically poor authentication and access control practices as barriers for successful information sharing between not only government entities, but also with the private sector.
HSPD-12 and U.S. Government Agency Authentication and Access Controls
Wednesday, February 14th, 2007Creating technologies that authenticate users with a high degree of confidence has always been a challenge, not only because of the typical complexity of the systems, but also because of the amount of confidence that must be placed within the end-user to appropriately secure his or her own user authentication information, most commonly the user ID and password.
Over the past several years the U.S. Government Accountability Office (GAO) has identified the historically poor authentication and access control practices as barriers for successful information sharing between not only government entities, but also with the private sector.
HIPAA: Privacy and the Press
Tuesday, February 13th, 2007An interesting editorial ran this past Sunday in the Mason City, Iowa Globe Gazette about HIPAA, “The Price of Privacy: HIPAA has far-ranging implications”
The title intrigued me. Yes, indeed there will be far-ranging implications to effectively start handling protected health information (PHI) in ways that will protect privacy.
HIPAA: Privacy and the Press
Tuesday, February 13th, 2007An interesting editorial ran this past Sunday in the Mason City, Iowa Globe Gazette about HIPAA, “The Price of Privacy: HIPAA has far-ranging implications”
The title intrigued me. Yes, indeed there will be far-ranging implications to effectively start handling protected health information (PHI) in ways that will protect privacy.
Privacy Breach: Johns Hopkins University Lost Personal Information on 135,000 Individuals
Sunday, February 11th, 2007There now seem to be so many privacy breaches that it is hard to choose which one to discuss…
Last Wednesday, 2/7, Johns Hopkins University reported personal information on 135,000 employees and patients on nine backup tapes were missing that had been given to a contractor, Anacomp Co. Inc., to make microfiche backups.
