Ever since talk of the bird flu pandemic started making the news in 2005, information assurace folks have talked about how this could affect them and their efforts. There have been some very interesting viewpoints and insights. Most related to the loss of availability of personnel needed for the business to continue to function, loss of access to vendors, and to outsourced entities, and other emergency management and disaster recovery issues.
When you start thinking about it and brainstorming with your colleagues you discover there truly are many related information assurance issues.
Posts Tagged ‘government’
Emergency and Disaster Planning: Government Establishes a Limited Time Pandemic Flu “Blog Summit”
Friday, May 25th, 2007Many New U.S. State and Federal Privacy Bills Introduced, and Some New State Data Protection Laws Signed
Monday, May 21st, 2007Boy oh boy, do we ever need a comprehensive federal data protection law in the U.S.! Each week more and more state level laws are introduced, many of them passed, all dealing with different aspects of data protection, and all impacting and complicating an information security and privacy professional’s responsibilities.
This past week was a busy one with a flurry of new and updated bills related to protecting privacy introduced, and a few new state laws.
Two U.S. Federal Data Protection Bills Approved: One May Actually Make It Through
Wednesday, May 9th, 2007It looks like we make actually get a federal data protection law, that includes breach notice requirements, this year. Such a law is long overdue; not only to protect personally identifiable information (PII), but also to help businesses to resolve their growing headaches involved with trying to comply with at least 36 state breach notice laws as well as dozens of other state level data protection and credit freeze laws, and multiple industry-specific data protection laws.
Deadline is Today for Submitting Comments to the DHS About Draft REAL ID Rules
Tuesday, May 8th, 2007The Department of Homeland Security (DHS) published draft rules regarding REAL ID. Comments are due by 5:00 PM Eastern Time *TODAY*.
France Fines Tyco Healthcare: U.S. Companies, You MUST Know and Follow International Data Protection Laws
Monday, May 7th, 2007In April the French Data Protection Authority (CNIL) reported they had issued a $40,972 fine against a subsidiary of U.S.-based Tyco Healthcare in March for inadequate storage safeguards and cross-border transfer of employee personally identifiable information (PII).
Data Security: OECD Publishes New Privacy Guidelines for Accessing Data From Publicly Funded Research Projects
Sunday, May 6th, 2007On May 3 the Organization for Economic and Cooperation and Development (OECD) released a new 24-page guideline,”Principles and Guidelines for Access to Research Data from Public Funding” for organizations in governments throughout the world regarding access to data from publicly funded research projects.
Data Security: OECD Publishes New Privacy Guidelines for Accessing Data From Publicly Funded Research Projects
Sunday, May 6th, 2007On May 3 the Organization for Economic and Cooperation and Development (OECD) released a new 24-page guideline,”Principles and Guidelines for Access to Research Data from Public Funding” for organizations in governments throughout the world regarding access to data from publicly funded research projects.
Employee Privacy & New Credit Check Law In Washington State Impacts Employers: Joins Similar Laws In 4 Other States
Friday, May 4th, 2007Doing background checks on potential employees, and regularly for certain positions with significant access to personally identifiable information (PII) or managemen capabilities, has been a growing trend in recent years. Such checks are viewed as ways to help prevent putting untrustworthy and significant at-risk individuals into positions where they could perform malicious and/or criminal activities.
HIPAA: More Changes and Initiatives by HHS
Thursday, April 26th, 2007I’ve been reading so much about HIPAA lately; no enforcement actions yet, but a lot of changes, proposals and initiatives.
Two more I read about recently:
HIPAA: Advisory Workgroup Proposes PHI Security and Privacy Requirements Should Apply to All Organizations
Monday, April 23rd, 2007The Department of Health and Human Services (HHS) has a Confidentiality, Privacy, and Security Workgroup, also known as the American Health Information Community, that is made up of practitioners, IT folks, lawyers and other leaders outside of the government who want a say in how protected health information (PHI) is safeguarded, shared, and otherwise handled.