More Data Retention Tips And Considerations

August 28th, 2008

Here are some more data retention tips and considerations as a follow-up to my Tuesday blog post

Read the rest of this entry »

Do You Know Your Data Retention Requirements?

August 26th, 2008

There have been several interesting news reports recently about data retention proposals, plans, practices and laws in the U.K.
Currently there are proposals to require emails to be retained for a full year, but critics contend that sloppy data retention practices will result in actual retention periods much longer, if the emails even ever get deleted.
This is an important point; when it comes to data retention, the requirements are rarely, if ever, followed by some organizations…

Read the rest of this entry »

Insider Threat Examples & 7th HIPAA Criminal Conviction

August 25th, 2008

Yesterday I read about the 7th criminal conviction and sentencing that has been given under HIPAA, “Woman gets 14 months in ID theft case.”

Read the rest of this entry »

A Privacy Song About…Überveillance!

August 24th, 2008

I was delighted to get a message this morning from my friends down-under, Dr. M. G. Michael and Dr. Katina Michael from the University of Wollongong.
If you’ll recall, a few months ago I made a couple of blog postings about überveillance here and here.

Read the rest of this entry »

Iowa’s Fields of Digital Dreams

August 23rd, 2008

I knew that Microsoft was planning to build a large data storage facility in Iowa, but I was a little surprised to see that they will virtually be neighbors with me!

Read the rest of this entry »

TV Anchor Confesses To Snooping His Co-Anchor’s 3 Email Accounts For 2 Years!

August 22nd, 2008

A few months ago I blogged about a co-anchor at a television station who was accused of getting into his co-anchor’s email and passing information from the messages along to news outlets.
I was interested to see a CNN report today, “Fired anchor pleads guilty to e-mail snooping” that followed up on this story. Larry Mendte reportedly admitted to accessing Alycia Lane’s emails, in her 3 home and work accounts, over 500 times over a 2-year period!
Okay, why was he able to so easily get into her email accounts…3 OF THEM!…over a period of 2 years?! Wasn’t there any security applied to these email systems?
Some possibilities…

Read the rest of this entry »

Company Uses Negotiated Checks For Packing Material!

August 21st, 2008

Not much surprises me any more with regard to some of the silly things that organizations do with printed PII that put the involved individuals at risk.
However, I was surprised when I watched an ABC News report this morning…

Read the rest of this entry »

Despite 45+ U.S. Federal and State Laws, SSNs Still Widely Misused & Breached…Why?

August 20th, 2008

It amazes me how many news articles are frequently reported that are related to the misuse or breach of social security numbers (SSN). Today just a few the stories that popped up included:

Read the rest of this entry »

Many, Many Methods Of Cyberattacks

August 19th, 2008

Yesterday CNN ran an interesting story, “U.S. at risk of cyberattacks, experts say.”
For those of you in the information security biz this is not new news, I know. We’ve known and discussed the massive and insidious types of damage that could be done through cyber attacks for several years. However, there is still not enough being done.

Read the rest of this entry »

Insider Threat Examples: HIPAA Violations Go UnPenalized In Iowa

August 17th, 2008

When I got my Sunday Des Moines Register out of the orange box across the road this morning, the front page headline leaped out at me, “Medical privacy law fails to stop snooping.”
In one of the incidents described, a woman was incredibly embarrassed and humiliated after all the intimate details about an operation she had on her uterus, including her full name, that were in her doctor’s files were apparently published in marketing material…

Read the rest of this entry »