Archive for the ‘Privacy and Compliance’ Category

Many Motivators For Identity Theft

Tuesday, March 24th, 2009

I’ve heard far too many business leaders in lesser-regulated industries, of organizations of all sizes, say something to the effect of, “Oh, we don’t have any information that hackers would find of any value.”

(more…)

There Are 47 US State & Territory Breach Notice Laws: 1-Page Listing

Monday, March 23rd, 2009

Over the weekend I did some research to make sure I am up to date with all the current U.S. state and U.S. territories breach notice laws…

(more…)

Avoid Information Overload In Your Information Security & Privacy Training!

Sunday, March 22nd, 2009

I’ve been reviewing some “canned” information security and privacy training offerings in the past few months, and I’m seeing that many of them are trying to dump TOO MUCH information on those taking them; learners can only absorb so much information within a short period of time and retain it for any significant amount of time!

(more…)

Cautionary Tales for Tweeting About Work

Thursday, March 19th, 2009

I’ve been using Twitter now (http://www.twitter.com/privacyprof) for three going on four weeks. I’ve found it to be a very great way to be in touch with the latest news and happenings, and also to get in touch with other folks who care about and want to discuss the same types of topics as I do. I also see using Twitter within business organizations as a very good awareness raising tool. More on that in another post. But for now I want to discuss some of the potential personal hazards of tweeting…

(more…)

68 Info Sec & Privacy Tweets Digest Back Through March 7

Sunday, March 15th, 2009

Once more I’m providing a digest of the Twitter tweets I put out (PrivacyProf) over the past week that provided pointers to interesting and useful news reports and pieces of information that I do not want to have lost in the vastness of the ever-growing twittersphere. So, for posterity and my own future reference…my own backup if you will…here’s a listing of the ones I want to be able to look back upon without paging through multiple posts on my PrivacyProf account…

(more…)

1746 Organizations In The U.S.’s EU Safe Harbor Program

Thursday, March 12th, 2009

A type of project I really love to do is a privacy impact assessment (PIA). For companies who collect or otherwise handle the personally identifiable information (PII) of individuals from multiple countries, typically doing a cross border data flow analysis of the PII is within the scope of the PIA.

(more…)

Court Decision on FACTA Credit Card Transaction Receipt Violations

Wednesday, March 11th, 2009

I was doing a bit of research around the Fair and Accurate Credit Transactions Act (FACTA), and ran across an interesting recent court decision…

(more…)

Here’s the link for Web 2.0 Privacy and Security Considerations

Tuesday, March 10th, 2009

I forgot the link to my article yesterday!!
Here it is…
Web 2.0 Privacy and Security Considerations

Web 2.0 Privacy and Security Considerations

Monday, March 9th, 2009

I’ve been having a lot of conversations in the past few weeks about Web 2.0 privacy and security issues. Web 2.0 certainly has greatly enhanced how the Internet can be used. Posting information on blogs, social networking sites, microblogs (such as Twitter), texting, IMing and an assortment of other types of activities have become a normal part of many people’s lives.

(more…)