Posts Tagged ‘Information Security’

« Older Entries
Newer Entries »

FTC Report on FACTA Effectiveness: Highlights the Need for Better Data Accuracy Practices

Tuesday, December 5th, 2006

Today the FTC released their report, “Second Interim Report of the Federal Trade Commission to Congress Under Section 319 of the Fair and Accurate Credit Transactions Act of 2006.”
Before I comment on the report, as an interesting aside, one of the authors of the report, Chairman Deborah Platt Majoras, was named of of 2006’s “Top 5 Influential IT Security Thinkers” in the December 2006 issue of SC Magazine, but I don’t see this issue on their site yet.

(more…)

Tags:, , , , , , , ,
Posted in Privacy and Compliance | No Comments »

Oracle Releases New Application Data Safeguard Standards

Monday, December 4th, 2006

On 11/28 Oracle released new technology standards for safeguarding data throughout the applications data flow called the Identity Governance Framework (IGF). CNET news reported on it November 30. The article points out that such standards would help prevent data leaks and also contribute to regulatory compliance.

(more…)

Tags:, , , , , ,
Posted in Privacy and Compliance | No Comments »

Security OOPS! PII For School Employees Accidentally Mailed by School’s Contractor

Friday, December 1st, 2006

On November 27 the Chicago Tribune reported:

“A printing contractor for the Chicago Public Schools said Sunday that it mistakenly mailed a list of names, Social Security numbers and home addresses of nearly 1,740 former school employees as part of a packet of health-insurance information to them.”

Oops! Another privacy breach resulting from a combination of human error and actions by an outsourced vendor.

(more…)

Tags:, , , , , ,
Posted in Privacy Incidents | No Comments »

Data Mining Doesn’t Always Pay: $1.135 Million Judgment

Thursday, November 30th, 2006

On November 29 Judge Clarence Cooper of Atlanta’s U.S. District Court ordered that Tamarac, Fla.-based 1st Source Information Specialists Inc. and company principals Kenneth W. Gorman and Steven Schwartz disgorge all profits and pay Cingular Wireless compensatory and punitive damages and attorney fees totaling $1,135,000.
1st Source was harvesting cell phone numbers from web sites and doing reverse lookups for cellphone numbers and selling the information to other businesss for $110 to $195. To make things worse they were also selling records of the calls made from specific cell phone numbers; an additional huge invasion of privacy.

(more…)

Tags:, , , , , , ,
Posted in Privacy and Compliance | 1 Comment »

The Impact of the New False Claims Act Guidelines on HIPAA Compliance

Wednesday, November 29th, 2006

A news report caught my eye, “HIPAA Enforcement Swings from Voluntary Compliance to Punishment for Violation of Privacy and Security Laws as States Join Federal Enforcement Under Federal Mandate.”

(more…)

Tags:, , , , , ,
Posted in Privacy and Compliance | 1 Comment »

More on Telecommunications Security: Strong Customer Identity Verification Procedures are Necessary

Tuesday, November 28th, 2006

Since I’m on the topic of cell phone security and privacy today, I want to discuss briefly a story from yesterday on CNN, “Fan hacks Linkin singer cell data, threatens wife.”

(more…)

Tags:, , , , , , ,
Posted in Privacy and Compliance | No Comments »

Is There Security for Enroute Text Messages? Some Odd Incidents…

Tuesday, November 28th, 2006

I have a couple of friends I exchange text messages with often. I always have my cell phone with me, so it’s an easy way to just say “Hi!” or see how their day is going. When I’m out and about and see something interesting (buildings, plants, etc.), unusual (clothing or hairdos of people traveling in airports, etc.), or downright weird (“exotic” food I’ve ordered at restaurants, etc.), I like to take a photo and send it attached to a text message to one or more of my friends just to share the moment.

(more…)

Tags:, , , , , , ,
Posted in Privacy and Compliance | No Comments »

DOT Stolen Laptop: Arrest Made

Monday, November 27th, 2006

The U.S. Department of Transportation (DOT) laptop stolen in July containing information “such as names, addresses, social security numbers, and dates of bith‚Äîon more than 130,000 individuals who were issued driver’s and pilot licenses in the Tampa and Miami areas” is still missing, but an arrest has been made.

(more…)

Tags:, , , , , , ,
Posted in Lost & Stolen Laptops | No Comments »

Establish Effective Procedures for Removing Systems Access: Example

Tuesday, November 21st, 2006

An article from last Wednesday (11/15) just caught my eye; it is intriguing: “Hoffacker charged with hacking system.” The article indicates a former VP of Technology at Source Media, Stevan Hoffacker, was

“charged with hacking into the company’s computer system three years after he was dismissed, and tipping off employees whose jobs were in jeopardy.”

(more…)

Tags:, , , , , , ,
Posted in Information Security | No Comments »

Support for Information Assurance Activities: Details of FTC Rulings Since 1969 Now Available

Monday, November 20th, 2006

I am excited. I’m really happy to see that the U.S. Federal Trade Commission (FTC) has now made available all the minute details about all their rulings since 1969 in one easy (comparatively) to find location.
Why is this so neat, you ask?

(more…)

Tags:, , , , , , , ,
Posted in Privacy and Compliance | No Comments »

« Older Entries
Newer Entries »