Of all the U.S. government regulatory oversight agencies, the Federal Trade Commission (FTC) is the most active and aggressive in looking for and applying penalties not only to organizations that are in noncompliance with laws and regulations, but also to those that are not in compliance with their own information security and privacy promises; in other words, those that are practicing “unfair and deceptive trade practices.”
Posts Tagged ‘FTC Act’
Something You Should Know: FTC Is Aggressively Going After Companies With Poor Security
Sunday, October 7th, 2007
Why Would You Trust Microsoft To Store Your Sensitive Health Information?
Thursday, October 4th, 2007
Today Microsoft launched their new web portal, HealthVault to store, for free, “medical histories, immunization and other records from doctors’ offices and hospital visits, including data from devices like heart monitors. It is also tied to a health information search engine the software maker launched last month.”
Privacy Breach: Johns Hopkins University Lost Personal Information on 135,000 Individuals
Sunday, February 11th, 2007
There now seem to be so many privacy breaches that it is hard to choose which one to discuss…
Last Wednesday, 2/7, Johns Hopkins University reported that nine backup tapes containing personal information on 135,000 employees and patients were missing; the tapes had been given to a contractor, Anacomp Co. Inc., to make microfiche backups.
FTC: Speech Highlights Need for All Organizations To Address Information Security and Privacy & Education On These Topics
Friday, February 9th, 2007
The transcript of FTC Chairman Deborah Platt Majoras’ keynote on February 6 at the RSA conference, “ID Theft and Cyber-crime: Where Thieves Victims, Industry and Government Intersect” is available on the FTC site.
I’ve often stressed how the FTC Act basically applies to all organizations of all sizes in all industries doing business in the U.S. that have been entrusted to handle personal information. Too many organizations still believe that information security and privacy issues only need to be handled by healthcare or financial organizations. The FTC has made many published statements to demonstrate that all organizations had better get their act together and implement safeguards for personally identifiable information (PII). Some of the statements within Majoras’ keynote emphasize this.
Support for Information Assurance Activities: Details of FTC Rulings Since 1969 Now Available
Monday, November 20th, 2006
I am excited. I’m really happy to see that the U.S. Federal Trade Commission (FTC) has now made available all the minute details about all their rulings since 1969 in one easy (comparatively) to find location.
Why is this so neat, you ask?