Posts Tagged ‘personally identifiable information’

The World is Miffed About Spam & Phishing

Thursday, October 18th, 2007

Several weeks ago I got spam from an information security company about a seminar they are putting on. I did not respond; I wasn’t interested. Since that time I have received many messages, all with the same content, from various people from that organization, the tone of which really ticked me off. The following is an excerpt.

(more…)

Data Will Always Be Less Safe In The Future…I Don’t Want To Get Gussied Up To Talk On The Phone

Wednesday, October 17th, 2007

I have a blog problem…there are way too many things I want to blog about and not enough hours in the day to do it! Throughout each day I note news items from the TV, or website news articles, or research, or reports, or just observations while at businesses or in public, and I only have a chance to blog about a small fraction of them. Today I think I’ll just briefly mention five of the topics I’ve planned to blog about, along with a brief note about each, and then maybe I’ll be able to revisit them sometime in the near future and discuss them at greater length.

(more…)

Trending Towards More Business Applied Employee Sanctions For Security Incidents

Monday, October 15th, 2007

I’ve been noticing lately more and more organizations sanctioning their employees for not following information security policies. I first blogged about it recently on September 24 about a hospital actively enforcing sanctions for HIPAA violations, then again on October 10 about another hospital sanctioning employees for noncompliance, then again on October 11, and then again just yesterday.

(more…)

Sanctions For Ohio Breach: Lost Vacation Time, Terminations, and a “Resignation”

Sunday, October 14th, 2007

The Ohio Department of Administrative Services (DAS) has determined that the appropriate sanction for inadequate security practices by the Ohio Department of Administrative Services’ Administrative Knowledge System (OAKS) ERP project system team leader, that resulted in the theft of an unencrypted backup tape containing the personally identifiable information (PII) of 1.3 million individuals, is the loss of 40 hours of vacation time.

(more…)

Something You Should Know: FTC Is Aggressively Going After Companies With Poor Security

Sunday, October 7th, 2007

Of all the U.S. government regulatory oversight agencies, the Federal Trade Commission (FTC) is the most active and aggressive in looking for and applying penalties to organizations that not only are in noncompliance with laws and regulations, but also those who are not in compliance with their own information security and privacy promises; in other words, those that are practicing “unfair and deceptive trade practices.”

(more…)

Why Would You Trust Microsoft To Store Your Sensitive Health Information?

Thursday, October 4th, 2007

Today Microsoft launched their new web portal, HealthVault, to store, for free, “medical histories, immunization and other records from doctors’ offices and hospital visits, including data from devices like heart monitors. It is also tied to a health information search engine the software maker launched last month.”

(more…)

The Need to Partner Privacy and IT Efforts *FINALLY* Makes The News!

Sunday, September 30th, 2007

I have long been promoting the concept…more accurately, the NEED…of having IT/Information Security and Privacy (often in the legal area) work closely together in order to not only result in each area being the most effective and efficient in their efforts, but also to ensure no conflicting messages are being sent and no gaps in addressing these issues exist. It is additionally good for and improves business to have these areas work closely together; there are at least 20 overlapping topics these areas work on. Unfortunately, too often the Privacy and IT/Information Security areas do not even come close to working together.

(more…)

Canadian Privacy Commissioners Release TJX Investigation Report

Tuesday, September 25th, 2007

Yesterday the Office of the Privacy Commissioner of Canada and the Office of the Information and Privacy Commissioner of Alberta released their “Report of an Investigation into the Security, Collection and Retention of Personal Information” concerning the TJX breach. The investigation was performed to determine if, and if so to what extent, the incident was a violation of Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and/or the Personal Information Protection Act (PIPA).

(more…)

Security and Privacy Pros Believe…Yes! Privacy Still Does…Or At Least Can…Still Exist!

Monday, September 24th, 2007

Last Friday I had the pleasure of discussing the question of, “Do We Have Privacy Anymore” with a group of highly regarded information security and privacy pros, including:

(more…)

A Military Grade Encrypting Self-Destructing USB Drive Makes A Great Gift!

Saturday, September 22nd, 2007

This morning I was doing some of my Christmas gift shopping…yes, I like to get mine done early! 🙂 Anyway, I’m thinking about getting an Ironkey encrypted USB drive for some of my relatives who are in dire need of protecting their information better.

(more…)