Posts Tagged ‘IT compliance’

5 Easy Things To Do for Global Security Week, September 8 – 12

Tuesday, September 2nd, 2008

Next week is Global Security Week!
Do you have anything planned for your organization to help raise the awareness of all types of security issues?
Here are a few ideas I wanted to pass along to you…

(more…)

The Power of Logs: IRS Examiner Sentenced & Fined For Accessing PII Without Authorization

Monday, September 1st, 2008

Now, here’s a great example of an organization actually following through on their procedures to review access logs, and then to apply sanctions and take necessary other actions in response to non-compliance with not only organizational policies, but also with applicable laws…

(more…)

Laptop Containing PII of 1 Million+ People Sold On eBay for $141

Saturday, August 30th, 2008

I’ve been doing a lot of work with data retention and disposal policies and procedures lately, remembering the silly things I have read about with regard to organizations getting rid of their computers, such as selling their computers on eBay when they no longer need them…without removing the information! This is certainly not a phenomenon that is confined to the U.S.
Lo and behold, another situation has happened where an organization sold their old computer on eBay…for a bargain at £77 ($141), and it contained a a huge amount of personally identifiable information (PII), including credit card applications, on what is reported to be as many as over 1 million customers. Here are a few excerpts from the report in Forbes…

(more…)

More Data Retention Tips And Considerations

Thursday, August 28th, 2008

Here are some more data retention tips and considerations as a follow-up to my Tuesday blog post

(more…)

Do You Know Your Data Retention Requirements?

Tuesday, August 26th, 2008

There have been several interesting news reports recently about data retention proposals, plans, practices and laws in the U.K.
Currently there are proposals to require emails to be retained for a full year, but critics contend that sloppy data retention practices will result in actual retention periods much longer, if the emails even ever get deleted.
This is an important point; when it comes to data retention, the requirements are rarely, if ever, followed by some organizations…

(more…)

Insider Threat Examples & 7th HIPAA Criminal Conviction

Monday, August 25th, 2008

Yesterday I read about the 7th criminal conviction and sentencing that has been given under HIPAA, “Woman gets 14 months in ID theft case.”

(more…)

A Privacy Song About…Überveillance!

Sunday, August 24th, 2008

I was delighted to get a message this morning from my friends down-under, Dr. M. G. Michael and Dr. Katina Michael from the University of Wollongong.
If you’ll recall, a few months ago I made a couple of blog postings about überveillance here and here.

(more…)

Iowa’s Fields of Digital Dreams

Saturday, August 23rd, 2008

I knew that Microsoft was planning to build a large data storage facility in Iowa, but I was a little surprised to see that they will virtually be neighbors with me!

(more…)

TV Anchor Confesses To Snooping His Co-Anchor’s 3 Email Accounts For 2 Years!

Friday, August 22nd, 2008

A few months ago I blogged about a co-anchor at a television station who was accused of getting into his co-anchor’s email and passing information from the messages along to news outlets.
I was interested to see a CNN report today, “Fired anchor pleads guilty to e-mail snooping” that followed up on this story. Larry Mendte reportedly admitted to accessing Alycia Lane’s emails, in her 3 home and work accounts, over 500 times over a 2-year period!
Okay, why was he able to so easily get into her email accounts…3 OF THEM!…over a period of 2 years?! Wasn’t there any security applied to these email systems?
Some possibilities…

(more…)

Company Uses Negotiated Checks For Packing Material!

Thursday, August 21st, 2008

Not much surprises me any more with regard to some of the silly things that organizations do with printed PII that put the involved individuals at risk.
However, I was surprised when I watched an ABC News report this morning…

(more…)