personal information privacy Archives -

Posts Tagged ‘personal information privacy’

Just Because Security Is Simple Doesn’t Mean People Will Do It

Thursday, July 3rd, 2008

Last Friday I was pondering whether folks were more diligent about security in their homes than businesses were based upon my admittedly very unscientific observations of wireless access points as I drove through the Des Moines, Iowa metro.
To which Davi Ottenheimer commented (thanks Davi!),

Tags:awareness and training, Davi Ottenheimer, Information Security, IT compliance, personal information privacy, policies and procedures, privacy training, risk management, security training, wireless security
Posted in Information Security | No Comments »

Texas EZPawn Throws Away Its Security Promises and Customers’ Privacy and Gets A Handed A Significant Penalty

Wednesday, July 2nd, 2008

Well, here is yet another company that had a nasty habit of just throwing papers containing their customers’ personally identifiable information (PII) into publicly accessible trash cans.
On June 24 a Texas judge handed down a civil penalty of $600,000 against Texas EZPawn for tossing their customer PII, including Social Security numbers, bank account information, driver’s license numbers, date of birth, and other identifying information, into their trash cans without first irreversibly and completely shredding the papers. You can see an example of the types of records found in the trash in the court documents.

Tags:awareness and training, disposal, FACTA, Information Security, IT compliance, personal information privacy, policies and procedures, privacy breach, privacy training, risk management, security training, Texas Credit Services Organizations Act, Texas Deceptive Trade Practices Act, Texas EZPAwn, Texas Identity Theft Enforcement and Protection Act
Posted in Non-compliance Sanctions Examples, Privacy and Compliance, Privacy Incidents | No Comments »