Yesterday the Dallas Morning News reported "Three laptops, one of them containing personal information on thousands of blood donors ‚Äì including Social Security numbers and medical histories ‚Äì were stolen from a locked closet in the Farmers Branch office of the American Red Cross in May."   

It is good to read that this data was encrypted.  The report indicates the information could be decrypted with a password, though, so hopefully they had a strong password in effect.  Effective and successful security all comes down to human decisions and actions, as do most information security issues. If the password was a good one, the data was probably safe…assuming it was not an insider with knowledge of the password who took the laptops.

BTW, the laptops were recovered. 

Technorati Tags
information security
IT compliance
corporate governance
awareness and training
laptop theft
breach notice laws
encrypt
passwords
insider threat

privacy

This entry was posted on Sunday, July 2nd, 2006 at 8:14 pm and is filed under Privacy and Compliance. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.