Growing numbers of organizations are trying to figure out the benefits of anonymizing, or as HIPAA (the only regulation that provides specific legal requirements for such actions) puts it “de-identifying,” personal information. Healthcare organizations see benefits for improving healthcare. Their business associates (BAs) see benefits in the ways in which they can minimize the controls around such data. Of course marketing organizations salivate at the prospects of doing advanced analysis with such data to discover new trends and marketing possibilities. The government wants to use it for investigations. Historians want to use it for, yes, marking historical events. And the list (more…)
Archive for the ‘Uncategorized’ Category
Implementing a Data De-Identification Framework
Wednesday, November 21st, 2012HITECH Act: Breach Notification Is Necessary Based Upon Items Used In De-Identification
Wednesday, July 29th, 2009Continuing along the discussion of the HITECH Act this week, I want to consider a couple of questions I recently discussed with a CISO at a healthcare insurer about when breach notification is necessary…
Humorous Security Calendar
Wednesday, February 18th, 2009Check out a sample month of a humorous information security wall calendar that Rick Lawhorn created that “tracks notable breaches, infosec facts and viruses.”
Massachusetts Encryption Law Pushed Back Once More
Wednesday, February 18th, 2009Monday I received messages almost at the same time from Brandon Dunlap and Brett J. Byers; thanks Brandon and Brett!
They were notifying me of yet another delay in the Massachusetts law, “201 CMR 17.00: STANDARDS FOR THE PROTECTION OF PERSONAL INFORMATION OF RESIDENTS OF THE COMMONWEALTH”
As explained on the website:
Use This RBS Worldpay News Report For Training
Thursday, February 5th, 2009On November 8, 2008 more than 130 ATM machines in 49 cities throughout the world were hit by a group of cybercriminals during a 30-minute period.
Insider Threat & More Examples Related To Putting Info on the Internet
Saturday, December 13th, 2008Here are some more examples of the dumb things that folks (often times folks within your organization) put on the Internet that had some bad repercussions…remember, once you put something on the Internet, even for a short period of time, you might as well accept that it will be out there forever…
Medical Identity Theft Is On The Rise
Tuesday, September 9th, 2008For day 2 of Global Security Week I want to highlight the growing problem of medical identity theft…
100+ Hot Spots During A Short Drive Around Town
Monday, June 16th, 2008Last Friday my 8-year-old son and I looked for a wifi hotspot to work from while my 11-year-old son was at band camp for the day (I didn’t want to waste gas by driving all the 25+ miles back home, and then driving into town again to pick him up at the end of the day). We discovered the IHOP close by actually has free wireless access…I did not know that! So, we had lunch there and I did work while we ate.
