- Page 59 of 124 -

A Stolen Health Insurer’s Laptop With PII Is Not Necessarily A HIPAA Violation

January 30th, 2008

While scanning the news blurb summaries today, the statement, “This is a violation of HIPAA.” caught my eye. Hmm…let’s see what this is about…
This statement was actually within the reader comments to the story, “Blue Cross reports theft of computer.”

Read the rest of this entry »

Tags: awareness and training, Blue Cross/Blue Shield, encryption, HIPAA, Information Security, IT compliance, patient privacy, PHI, PII, policies and procedures, privacy, privacy policy, protected health information, risk management, security awareness, security training, stolen laptop
Posted in Privacy Incidents | 2 Comments »

AccuSearch Fined ~$200,000 For Pretexting & Selling Phone Numbers

January 29th, 2008

Yesterday the U.S. Federal Trade Commission (FTC) announced AccuSearch, Inc., was guilty of violating federal law by selling consumer phone records to third parties without consumers‚Äô knowledge or authorization.

Read the rest of this entry »

Tags: AccuSearch, awareness and training, FTC Act, Information Security, IT compliance, policies and procedures, pretexting, privacy, privacy policy, risk management, security awareness, security training
Posted in Non-compliance Sanctions Examples | No Comments »

AccuSearch Fined ~$200,000 For Pretexting & Selling Phone Numbers

January 29th, 2008

Read the rest of this entry »

Cell Phone Text Messages Are Private…NOT!

January 28th, 2008

Uh oh…talk about a couple of folks who were caught with their hand in the cookie jar (so to speak)…and caught lying under oath.
CNN recently ran a story about how Christine Beatty resigned from her position as chief of staff for Detroit, Michigan, Mayor Kwame Kilpatrick after a large amount of explicit Blackberry text messages, “tens of thousands” were discovered from 2003 and 2004.

Read the rest of this entry »

Tags: awareness and training, cell phone, Christine Beatty, Information Security, IT compliance, Kwame Kilpatrick, messaging security, policies and procedures, privacy, privacy policy, risk management, security awareness, security training, text messages
Posted in Privacy and Compliance | 2 Comments »

Cell Phone Text Messages Are Private…NOT!

January 28th, 2008

Read the rest of this entry »

Some more information and ideas for Data Privacy Day, January 28

January 27th, 2008

Last Thursday I posted about how tomorrow (1/28) is International Data Privacy Day.
I was delighfully surprised to receive an email in response to my blog post from Leonardo Cervera, the coordinator of Data Privacy Day 2008! Be sure to check out his site to find comprehensive information about all the activities being done for Data Privacy Day, as well as seeing the world-wide support Data Privacy Day is being given…it is good to see government agencies and large corporations acknowledging the importance of preserving privacy.

Read the rest of this entry »

Tags: awareness and training, Data Privacy Day, Information Security, IT compliance, Leonardo Cervera, policies and procedures, privacy, privacy policy, privacy training, risk management, security awareness, security training
Posted in Privacy and Compliance | No Comments »

Some more information and ideas for Data Privacy Day, January 28

January 27th, 2008

Read the rest of this entry »

Insider Threat: Worker Deletes 7 Years of Files; Lesson? Make Backups!!

January 25th, 2008

Here is another example of what a worker, entrusted with access to business files, can do…and also provides a lesson about business continuity…
I just watched a CNN clip, “Cyber Sabotage” that provides a very good example of how costly the insider threat can be.

Read the rest of this entry »

Tags: awareness and training, backups, business continuity, CNN, disaster recovery, Information Security, insider threat, IT compliance, Marie Cooley, policies and procedures, privacy, privacy policy, risk management, security awareness, security training, SMBs, Steven E. Hutchins Architects
Posted in Information Security | 2 Comments »

Insider Threat: Worker Deletes 7 Years of Files; Lesson? Make Backups!!

January 25th, 2008

Read the rest of this entry »

January 28 is International Data Privacy Day

January 24th, 2008

Did you know that International Data Privacy Day is fast approaching? On Monday, January 28 the United States joins 27 European countries to celebrate Data Privacy Day 2008. “The day will feature several efforts to promote the importance of data protection, including a meeting at Duke University among European and U.S. privacy experts.”

Read the rest of this entry »

Tags: awareness and training, Data Privacy Day, IAPP, Information Security, International Association of Privacy Professionals, IT compliance, policies and procedures, privacy, privacy policy, risk management, security awareness, security training
Posted in Privacy and Compliance, Training & awareness | 3 Comments »

A Stolen Health Insurer’s Laptop With PII Is Not Necessarily A HIPAA Violation

AccuSearch Fined ~$200,000 For Pretexting & Selling Phone Numbers

AccuSearch Fined ~$200,000 For Pretexting & Selling Phone Numbers

Cell Phone Text Messages Are Private…NOT!

Cell Phone Text Messages Are Private…NOT!

Some more information and ideas for Data Privacy Day, January 28

Some more information and ideas for Data Privacy Day, January 28

Insider Threat: Worker Deletes 7 Years of Files; Lesson? Make Backups!!

Insider Threat: Worker Deletes 7 Years of Files; Lesson? Make Backups!!

January 28 is International Data Privacy Day

Search Privacyguidance

Categories

Archives

Blogroll

Meta

Syndicate