HIPAA Violation in Divorce Proceeding?

July 13th, 2007

During a divorce case in Illinois, K.S. Kim claimed a hospital violated HIPAA by sending her health records to her ex-husband’s attorney.


Privacy: Are You Sure You *REALLY* Have Nothing To Hide?

July 12th, 2007

During the past few years it has become more common to have phone records, purchase records, and other logged activities datamined and reviewed by various organizations, government agencies and law enforcement groups. One highly publicized example was when AT&T provided access to their customers’ phone records and Internet communications to the U.S. National Security Agency (NSA).


Carnegie Mellon’s Data Privacy Head Urges Development of New Privacy Technologies

July 11th, 2007

I enjoy reading Scientific American Magazine. And I especially am interested in reading their articles that touch upon, or directly address, information security, privacy or compliance. It is always nice to see the views of practitioners, educators, researchers and others who are not on the typical information security circuit of publications.


Privacy Not Only Requires Securing PII, It Also Requires Keeping the Trust of Your Customers

July 10th, 2007

Recently I was speaking with a client about a new Internet e-commerce application they were testing, and I asked them to give a demonstration. One of the questions I asked while watching was whether there were any ways in which someone could get information about customers’ orders. After doing various tests, a screen popped up showing a database of names, item descriptions, and other information related to the orders. The billing information, such as credit card number, was *NOT* within this database, but the names and mailing addresses were; these were used for the indexing links to the database.


Improve Security to Make the Planet Greener

July 9th, 2007

This weekend there was a lot of attention on the environmental crisis facing the planet. There was the Live Earth concert on 07/07/07. Tonight the news was filled with more talk of new laws and initiatives, such as banning bottled water in restaurants in some of the states.


07/07/07! Lucky for Cybercriminals?

July 7th, 2007

I’ve always been fascinated with numbers. Math has always been fun, and one of my degrees is in math. I’ve never really studied numerology, but today’s date, 07/07/07, only happens once each century, and it is interesting to see how many people are celebrating it in various ways.


Having Backup Services Is Invaluable

July 6th, 2007

I love my dialup! Yes, I mean dialup Internet connection. I’ve been on a broadband wireless connection via a satellite on my roof for a little over a year, but I kept my dialup account just in case I ever needed a backup. Today I needed a backup.


Miscellaneous Fourth of July Facts

July 4th, 2007

Today is Independence Day in the U.S., and I certainly am thankful for all the freedoms I have that have given me the opportunity to write freely in my blog, have my own business, work from my home office, freely go basically wherever I want, be friends with whomever I want (that also want to be my friend), read whatever books I want to read, see whatever movies I want to see, listen to whomever I want to listen to, wear whatever I want to wear, and have the beliefs about life, love and religion that I have.


Trademarks, Virtual Reality Sites, and Creating a Very Aware Next Generation of Information Assurance Leaders

July 3rd, 2007

I’ve been working in my home office for around 7 1/2 years, being able to do most of my project work from home, which I’m thankful for. During that time my now 10-year-old and 7-year-old (he’ll remind you he turns 8 next month) sons have been around me quite a bit as I do my work. So I discuss a lot of what I do with them, they ask a lot of questions, and they soak a whole lot more into their brains than I realize. Especially over summer when they are at home with me virtually all day every day.


5 Security Lessons from Non-Compliance with UK Data Protection Law

July 2nd, 2007

I speak with many organizations that have customers throughout the world, often via their ecommerce websites, and an alarmingly large number of these organizations are completely unaware of the data protection laws they must follow in the countries where their customers are from. When the privacy commissioners from these other countries discover that the organizations are not following the laws, the organizations can suffer substantial financial impact on their businesses, not only from fines but, typically more significantly, from bad press and from orders to discontinue business within the country until their business activities, policies and processes are in compliance with the requirements.
