On March 12 the National Security Archive at George Washington University issued their report, “The Knight Open Government Survey 2007.”
Basically the study looked at how many of the 149 U.S. government agencies they surveyed were in compliance with the provisions of the Electronic Freedom of Information Act (EFOIA) here at the 10 year anniversary of the Act going into effect.
Archive for the ‘Privacy and Compliance’ Category
Most U.S. Government Agencies Still Not E-FOIA Compliant 10 Years Following Enactment; Disregard for Laws Also Leads to Disregard for Security Requirements
Wednesday, March 21st, 2007Iowa Breach Notification Bill; Emphasizes Need for Documented Security Policies and Breach Plans & Establishes “Identity Theft Passport”
Tuesday, March 20th, 2007An omnibus data security bill, H.F. 655 was introduced March 5 in the Iowa House by representatives Beth Wessel-Kroeschell (D) and Paul Shomshor (D).
Iowa Breach Notification Bill; Emphasizes Need for Documented Security Policies and Breach Plans & Establishes “Identity Theft Passport”
Tuesday, March 20th, 2007An omnibus data security bill, H.F. 655 was introduced March 5 in the Iowa House by representatives Beth Wessel-Kroeschell (D) and Paul Shomshor (D).
Over 100 FACTA Lawsuits Filed in California Against Businesses Printing PII on Receipts; Are You In Compliance With All FACTA Requirements?
Monday, March 19th, 2007I read with interest an article in today’s issue of the BNA Privacy and Security Law Report about over 100 lawsuits that have recently been filed within the California federal courts because of the amount of personally identifiable information (PII) that is printed on credit and debit card receipts.
Over 100 FACTA Lawsuits Filed in California Against Businesses Printing PII on Receipts; Are You In Compliance With All FACTA Requirements?
Monday, March 19th, 2007I read with interest an article in today’s issue of the BNA Privacy and Security Law Report about over 100 lawsuits that have recently been filed within the California federal courts because of the amount of personally identifiable information (PII) that is printed on credit and debit card receipts.
Phishing for Taxpayers’ Personal Information
Saturday, March 17th, 2007I just finished my 2006 income taxes this morning…something I absolutely HATE doing! I just hate all the forms and paperwork, all the time involved, and always keeping track of that important receipt for business software or hardware that somehow got lost or wedged in some deep dark corner of a drawer.
I’m not against taxes, per se; they are an important part of maintaining public services. But I hate how the tax laws change every year, all the odd new taxes for business owners each year, and how many strange new exemptions seem to always pop up every year, but primarily for the big organizations. I am a company of one for my information security, privacy and compliance business, and I am a company of two for my farm. Between the two there are what seems to be around a hundred different forms to fill out, and always different in little ways each year. So, I hate the time it takes to do taxes, but at the same time I am very thankful to be able to have businesses that otherwise allow me to do work I love.
Vulnerabilities of Transport Services & Privacy Incident Example: Wellpoint CD Containing PII of 75,000 People, Lost During UPS Transport, Found
Friday, March 16th, 2007A CD containing the clear text personal information of 75,000 WellPoint Empire Blue Cross and Blue Shield New York members that was reported lost on February 9 while being transported by UPS has been found.
The CD was lost when one of Wellpoint’s outsourced vendors, Health Data Management Solutions, sent the CD via UPS to Magellan Behavioral Health Services.
Preventing Data Leakage Through Email and Instant Messaging
Tuesday, March 13th, 2007Incidents continue to accumulate and hit the daily headlines. Many of them involve the loss of sensitive information through some type of messaging activity. The losses can have devastating impacts to business.
The messaging-related incidents are sometimes technology-based, such as social-engineering tactics through instant messaging (IM) communications, sometimes they pre-meditated malicious activities, and sometimes they are just plain ol’ “OOPS!! What the heck did I just do!!!!???” types of situations.
USA PATRIOT Act: FBI Is Underreporting Their Use Of This Law To Order Businesses to Monitor Email, Phone Calls and Financial Information
Friday, March 9th, 2007CNN reported today that a U.S. Department of Justice (DoJ) audit finds the FBI is has not kept good track of how many times they have ordered businesses monitoring of emails, telephone records and financial information. The report has not yet been posted to the DoJ site but is supposed to be released sometime today.
According to the CNN report: