My good friend Alec recently made me aware of a very interesting blog post made by a physician (thanks Alec!) that is frankly quite troubling.
Archive for the ‘Privacy and Compliance’ Category
HIPAA: Beware Doctors Who Claim They Don’t Have To Follow Safeguard and Privacy Requirements
Thursday, November 15th, 2007U.S. Federal Teleworking Report Reminds Us that Teleworking Saves Time and Resources, But Must Be Done With Safeguards In Place
Wednesday, November 14th, 2007On November 6 there was a an interesting hearing held by the U.S. Subcommittee on Federal Workforce, Postal Service, and the District of Columbia about teleworking in the federal agencies.
Considering large numbers of privacy breaches occurring within government agences involving mobile computing devices and storage devices, this caught my eye.
The Deputy Director of National Intelligence Does Not Understand Key Concepts Of Privacy
Monday, November 12th, 2007I found a report yesterday, “Intelligence deputy to America: Rethink privacy” quite interesting. The impact on privacy…the actual definition, not the definition Donald Kerr, the principal deputy director of national intelligence, thinks it should be…would not only be a huge step backward for the country, but it would also increase the threats to personally identifiable information (PII) exponentially.
French Supreme Court Decision Points Out Importance Of Using Monitoring Notices Wherever In The World You Have Personnel
Sunday, November 11th, 2007I just read about a French Supreme Court decision made on October 10 (you can see a Google English rough translation of it here) that is significant to organizations who have employees in France, or anywhere worldwide for that matter, and the organization’s employee monitoring practices.
FTC Continues Active Compliance Enforcement: Applies $7.7 Million In Fines To 6 Do-Not-Call Violators
Saturday, November 10th, 2007This week the FTC once again demonstrated that they aggressively enforce compliance with those regulations for which they have responsibility.
In their press release, “FTC Announces Law Enforcement Crackdown on Do Not Call Violators” they detail their recent actions against six organizations for non-compliance with the Do Not Call (DNC) registry requirements. The involved settlements totaled close to $7.7 million in civil penalties. In addition to the following, actions against Global Mortgage Funding are pending.
Here is an overview of the non-compliance activities and associated fines/penalties:
Judge Rules University Policy & FERPA Allow Student PII To Be Released
Tuesday, November 6th, 2007Here’s a case I found interesting…the U.S. District Court for the Eastern District of Tennessee ruled on October 24th that providing a group of record company plaintiffs with student personally identifiable information (PII) does not violate the U.S. Family Educational Rights and Privacy Act (FERPA).
Judge Rules University Policy & FERPA Allow Student PII To Be Released
Tuesday, November 6th, 2007Here’s a case I found interesting…the U.S. District Court for the Eastern District of Tennessee ruled on October 24th that providing a group of record company plaintiffs with student personally identifiable information (PII) does not violate the U.S. Family Educational Rights and Privacy Act (FERPA).
Insider Threat Lessons: Posting Threats And Personnel PII On The Internet Establishes Federal Jurisdiction
Monday, November 5th, 2007Here’s another insider threat example to know and to discuss with your legal counsel and HR folks. It highlights the need for information security and privacy policies, shows how information security and privacy must work with multiple areas on an ongoing basis, and demonstrates the sanctions that can be brought against those who break them.
