Ohio Archives -

Posts Tagged ‘Ohio’

Trending Towards More Business Applied Employee Sanctions For Security Incidents

Monday, October 15th, 2007

I’ve been noticing lately more and more organizations sanctioning their employees for not following information security policies. I first blogged about it recently on September 24 about a hospital actively enforcing sanctions for HIPAA violations, then again on October 10 about another hospital sanctioning employees for noncompliance, then again on October 11, and then again just yesterday.

Tags:awareness and training, Connecticut, data breach, Department of Revenue Services, Information Security, IT compliance, Jason Purslow, laptop theft, Ohio, personally identifiable information, PII, policies and procedures, privacy, privacy breach, security sanctions
Posted in Information Security, Non-compliance Sanctions Examples, Privacy and Compliance, Privacy Incidents | No Comments »

Sanctions For Ohio Breach: Lost Vacation Time, Terminations, and a “Resignation”

Sunday, October 14th, 2007

The Ohio Department of Administrative Services (DAS) has determined that the appropriate sanction for inadequate security practices by the Ohio Department of Administrative Services’ Administrative Knowledge System (OAKS) ERP project system team leader, that resulted in the theft of an un-encrypted backup tape containing the personally identifiable information (PII) of 1.3 million individuals, is the loss of 40 hours of vacation time.

Tags:awareness and training, data breach, Information Security, IT compliance, Jerry Miller, Ohio, Ohio Department of Administrative Services, personally identifiable information, PII, policies and procedures, privacy, privacy breach, security sanctions
Posted in Information Security, Non-compliance Sanctions Examples, Privacy Incidents | No Comments »