This is the second week in a row that I’ve been traveling and doing conference sessions, keynotes and my 2-day training class, so I’ve been a bit lax in my blog postings simply because of lack of time.
One of the things I like to do while traveling is to take notes about the many different types of personally identifiable information (PII) I see and hear while traveling. Traveling presents many significant risks to PII and other businss information, and not enough organizations provide training to their personnel to help them understand how to reduce those risks.
Here are a few of my notes from these current two weeks of travel…
Posts Tagged ‘policies and procedures’
Traveling PII
Monday, November 17th, 2008Example Of How Many Healthcare Providers Do Not Understand HIPAA
Wednesday, November 12th, 2008HIPAA is misunderstood by many personnel who work for healthcare providers; probably because they do not receive effective or good training about HIPAA. Here is a good example of how healthcare providers inappropriately withhold information in the name of HIPAA…
U.S. Do Not Call Registry Accuracy
Tuesday, November 11th, 2008The “Do-Not-Call Improvement Act of 2007 Report to congress: regarding the Accuracy of the Do Not Call Registry” was just released a few days ago.
I found the following excerpt interesting…
FTC Applies GLBA & FTC Act Sanctions To Mortgage Lender
Monday, November 10th, 2008I anticipate that with the big $700 billion “rescue” plan the government is going to continue the increased compliance activities…
Cybercriminals Threaten To Post Millions Of PII Records For Express Scripts Customers
Friday, November 7th, 2008Just last month I blogged about the new Identity Theft Enforcement and Restitution Act of 2008. It covers extortion. I’m interested to see if it gets used for the latest extortion attempt…
State of New York Issues Guide For Protecting PII
Thursday, November 6th, 2008The State of New York just released a general guide to the protection of personally identifiable information (PII)…
Email “Hack” Tells University Students & Staff That U.S. President Vote Is “Tomorrow”
Wednesday, November 5th, 2008Here’s another email incident example to add to your files…
New Examiner Instructions From The OTS For Red Flags Rule Enforcement
Monday, November 3rd, 2008Organizations that are covered by regulations will do themselves a free compliance favor by reading…and knowing…what the examiners will be looking for when they visit to do their compliance audits.
Use Case Studies To Make Learning More Effective
Friday, October 31st, 2008I’m in the process of updating the case studies for the 2-day class I’m giving…TWICE…in the next few weeks, “Information Security and Privacy Convergence and Collaboration.”
First in Grand Rapids, Michigan, hosted by the Michigan InfraGard and the West Michigan Chapter of ISACA on November 12 and 13.
Second immediately following the CSI Annual conference in National Harbor, MD (just south of D.C.) on November 20 and 21…
Use Case Studies To Make Learning More Effective
Friday, October 31st, 2008I’m in the process of updating the case studies for the 2-day class I’m giving…TWICE…in the next few weeks, “Information Security and Privacy Convergence and Collaboration.”
First in Grand Rapids, Michigan, hosted by the Michigan InfraGard and the West Michigan Chapter of ISACA on November 12 and 13.
Second immediately following the CSI Annual conference in National Harbor, MD (just south of D.C.) on November 20 and 21…
