Posts Tagged ‘IT compliance’

Web 2.0 Privacy and Security Considerations

Monday, March 9th, 2009

I’ve been having a lot of conversations in the past few weeks about Web 2.0 privacy and security issues. Web 2.0 certainly has greatly enhanced how the Internet can be used. Posting information on blogs, social networking sites, microblogs (such as Twitter), texting, IMing and an assortment of other types of activities have become a normal part of many people’s lives.

(more…)

Web 2.0 Privacy and Security Considerations

Monday, March 9th, 2009

I’ve been having a lot of conversations in the past few weeks about Web 2.0 privacy and security issues. Web 2.0 certainly has greatly enhanced how the Internet can be used. Posting information on blogs, social networking sites, microblogs (such as Twitter), texting, IMing and an assortment of other types of activities have become a normal part of many people’s lives.

(more…)

Most Laws Are Flawed, But It Is Up To Us To Make Them Better & Make Them Work

Friday, March 6th, 2009

Rafal Los makes some very good points in his post “Analysis of the Stimulus Bill and Healthcare Privacy” from a few days ago. I started writing all my thoughts as a comment to him, but then decided it would work well as a blog post…

(more…)

UK Company Caught Selling Their Employees’ & Job Applicants’ PII

Thursday, March 5th, 2009

Here’s an interesting shocking story about some bad…make that VERY BAD…business decisions in the UK to make money by selling employees’, and job applicants’, personally identifiable information (PII) as a revenue stream…

(more…)

A Cornucopia Of Audit, Information Security and GRC Information

Wednesday, March 4th, 2009

It was great to see Dan Swanson include some of my resources in his Security Insider blog posting today!

(more…)

31 Info Sec & Privacy Tweets From Past 4 Days

Tuesday, March 3rd, 2009

I’ve been running across many interesting and useful news reports and pieces of information over the past few days, and putting them out on my Twitter peeps/tweeps/tweets/etc. For posterity and my own future reference, here’s a listing of the ones from the past few days I want to be able to look back upon without paging through multiple posts on my PrivacyProf account…

(more…)

31 Info Sec & Privacy Tweets From Past 4 Days

Tuesday, March 3rd, 2009

I’ve been running across many interesting and useful news reports and pieces of information over the past few days, and putting them out on my Twitter peeps/tweeps/tweets/etc. For posterity and my own future reference, here’s a listing of the ones from the past few days I want to be able to look back upon without paging through multiple posts on my PrivacyProf account…

(more…)

31 Info Sec & Privacy Tweets From Past 4 Days

Tuesday, March 3rd, 2009

I’ve been running across many interesting and useful news reports and pieces of information over the past few days, and putting them out on my Twitter peeps/tweeps/tweets/etc. For posterity and my own future reference, here’s a listing of the ones from the past few days I want to be able to look back upon without paging through multiple posts on my PrivacyProf account…

(more…)

HIPAA & Calling Out Full Names In Waiting Rooms

Monday, March 2nd, 2009

Over the years I have done several interviews for articles about HIPAA compliance. I recently did an interview for an HCPro article, “Physician offices: Tackle a different set of privacy training challenges.” (Sorry, this is not publicly posted to my knowledge.)
Well, today I received a message about this article from a clearly agitated reader, whose name (of course) I am not including in the following message…

(more…)

Judgment For Disclosing PII To Business Partners: Explicit Opt-In Is Required

Friday, February 27th, 2009

I just ran across the judgment for an interesting case involving privacy and opt-in consent for disclosing personally identifiable information (PII)…

(more…)