Yesterday yet another incident occurred where a business partner / vendor lost the personally identifiable information (PII) for which they had been entrusted. Americhoice sent a CD containing the PII of 67,000 individuals to TennCare via overnight UPS delivery.
Archive for the ‘Privacy Incidents’ Category
PII for 60,000 Lost In Yet Another Incident: Know How To Address The Risks Involved With Entrusting PII To Business Partners
Thursday, September 13th, 2007HIPAA & 4 Lessons From an Insider Threat Example: Former Healthcare IT Manager Hacks Into System and Deletes PHI
Monday, September 10th, 2007There are so many ways in which bad things can happen with the authorized access personnel and business partners have to sensitive data, personally identifiable information (PII), and business systems. Many times the bad things that happen are a result of a lack of awareness of how to properly protect information, a result of mistakes, or a result of malicious intent. Here is just one more example to add to your file of actual insider threat incidents.
HIPAA & 4 Lessons From an Insider Threat Example: Former Healthcare IT Manager Hacks Into System and Deletes PHI
Monday, September 10th, 2007There are so many ways in which bad things can happen with the authorized access personnel and business partners have to sensitive data, personally identifiable information (PII), and business systems. Many times the bad things that happen are a result of a lack of awareness of how to properly protect information, a result of mistakes, or a result of malicious intent. Here is just one more example to add to your file of actual insider threat incidents.
Craig’s Voicemail Error Not Uncommon; Be Sure Your Employees Don’t Do the Same!
Saturday, September 8th, 2007This week Larry Craig, the U.S. Senator embroiled in a sex scandal, left a long, detailed voice mail message for his lawyer. Problem was, he misdialed and left the message on another person’s voice mail!
Craig’s Voicemail Error Not Uncommon; Be Sure Your Employees Don’t Do the Same!
Saturday, September 8th, 2007This week Larry Craig, the U.S. Senator embroiled in a sex scandal, left a long, detailed voice mail message for his lawyer. Problem was, he misdialed and left the message on another person’s voice mail!
Insider Threat Example: Payroll Employee Threatens To Illegally Use Other Employees’ PII If Not Given a Good Review
Sunday, July 22nd, 2007Here’s another example of the insider threat similar to situations that I’ve heard of happening many times throughout the years through conversations with folks at conferences and other professional meetings.
Privacy Not Only Requires Securing PII, It Also Requires Keeping the Trust of Your Customers
Tuesday, July 10th, 2007Recently I was speaking with a client about a new Internet e-commerce application they were testing, and I asked them to give a demonstration. One of the questions I asked while watching was whether there were any ways in which someone could get information about customers’ orders. After doing some various tests, a screen popped up showing a database of names, item descriptions, and other information related to the orders. The billing information, such as credit card number, was *NOT* within this database, but the names and mailing addresses were; these were used for the indexing links to the database.
Surveillance and Managing Information With So Many Ways To Capture It
Wednesday, June 27th, 2007Over the weekend a news story appeared in Australia that I’m sure is occurring in MANY other organizations, far beyond just schools; “Teachers being secretly filmed by students”
