Posts Tagged ‘policies and procedures’

« Older Entries
Newer Entries »

Sarbanes Oxley: More Speculation on Rehaul

Sunday, December 10th, 2006

For those of you who are always looking for opinions on SOX, Pierce McNally wrote an opinion piece that appeared in today’s (Sunday’s) Minneapolise-St. Paul Star Tribune about how SOX needs to be reformed or it will cost companies needless amounts of millions of dollars in annual compliance costs.
Nothing really new, just more speculation that there is going to be a SOX overhaul sometime soon. However, perhaps something to add to your archives.

Tags:, , , , ,
Posted in Laws & Regulations | No Comments »

FTC Provides Claims Forms for Individuals Impacted by the 2004 Choicepoint Incident

Sunday, December 10th, 2006

On December 6, 2006, the U.S. Federal Trace Commission (FTC) made claims form available for anyone who believes they had identity theft occur as a result of the Choicepoint security incident late in 2004 involving at least 163,000 individuals. Since then around 1,400 individuals have indicated they have been victims of identity theft as a result of that incident.

(more…)

Tags:, , , , , , , ,
Posted in Privacy and Compliance, Privacy Incidents | No Comments »

U.S. Naval War College Network and Website Still Down From Hack Over Two Weeks Ago

Thursday, December 7th, 2006

Tuesday Silicon Valley reported the U.S. Naval War College’s network and website had been down for over two weeks as a result of a hacker. The hacker apparently didn’t take the site and network down, but the Navy Cyber Defense Operations Command took it offline after detecting the unauthorized access on, or around, November 16.

(more…)

Tags:, , , , , , , ,
Posted in Information Security | 2 Comments »

Laptop Theft: PII About 1,000 W.Va. Air National Guard Members

Wednesday, December 6th, 2006

A report in the Air Force Times indicates a laptop containing personally identifiable information (PII) about 1,000 West Virginia Air National Guard members was stolen during a training trip in November. The spokesperson for the Air National Guard indicated:

“The Air Force uses some of most sophisticated encryption processes to safeguard information on government computers”

…implying the data on the laptop was encrypted, but not coming right out and saying it was.

(more…)

Tags:, , , , , , , , , ,
Posted in Lost & Stolen Laptops, Privacy and Compliance | 2 Comments »

FTC Report on FACTA Effectiveness: Highlights the Need for Better Data Accuracy Practices

Tuesday, December 5th, 2006

Today the FTC released their report, “Second Interim Report of the Federal Trade Commission to Congress Under Section 319 of the Fair and Accurate Credit Transactions Act of 2006.”
Before I comment on the report, as an interesting aside, one of the authors of the report, Chairman Deborah Platt Majoras, was named of of 2006’s “Top 5 Influential IT Security Thinkers” in the December 2006 issue of SC Magazine, but I don’t see this issue on their site yet.

(more…)

Tags:, , , , , , , ,
Posted in Privacy and Compliance | No Comments »

FTC Report on FACTA Effectiveness: Highlights the Need for Better Data Accuracy Practices

Tuesday, December 5th, 2006

Today the FTC released their report, “Second Interim Report of the Federal Trade Commission to Congress Under Section 319 of the Fair and Accurate Credit Transactions Act of 2006.”
Before I comment on the report, as an interesting aside, one of the authors of the report, Chairman Deborah Platt Majoras, was named of of 2006’s “Top 5 Influential IT Security Thinkers” in the December 2006 issue of SC Magazine, but I don’t see this issue on their site yet.

(more…)

Tags:, , , , , , , ,
Posted in Privacy and Compliance | No Comments »

Oracle Releases New Application Data Safeguard Standards

Monday, December 4th, 2006

On 11/28 Oracle released new technology standards for safeguarding data throughout the applications data flow called the Identity Governance Framework (IGF). CNET news reported on it November 30. The article points out that such standards would help prevent data leaks and also contribute to regulatory compliance.

(more…)

Tags:, , , , , ,
Posted in Privacy and Compliance | No Comments »

Security OOPS! PII For School Employees Accidentally Mailed by School’s Contractor

Friday, December 1st, 2006

On November 27 the Chicago Tribune reported:

“A printing contractor for the Chicago Public Schools said Sunday that it mistakenly mailed a list of names, Social Security numbers and home addresses of nearly 1,740 former school employees as part of a packet of health-insurance information to them.”

Oops! Another privacy breach resulting from a combination of human error and actions by an outsourced vendor.

(more…)

Tags:, , , , , ,
Posted in Privacy Incidents | No Comments »

Data Mining Doesn’t Always Pay: $1.135 Million Judgment

Thursday, November 30th, 2006

On November 29 Judge Clarence Cooper of Atlanta’s U.S. District Court ordered that Tamarac, Fla.-based 1st Source Information Specialists Inc. and company principals Kenneth W. Gorman and Steven Schwartz disgorge all profits and pay Cingular Wireless compensatory and punitive damages and attorney fees totaling $1,135,000.
1st Source was harvesting cell phone numbers from web sites and doing reverse lookups for cellphone numbers and selling the information to other businesss for $110 to $195. To make things worse they were also selling records of the calls made from specific cell phone numbers; an additional huge invasion of privacy.

(more…)

Tags:, , , , , , ,
Posted in Privacy and Compliance | 1 Comment »

The Impact of the New False Claims Act Guidelines on HIPAA Compliance

Wednesday, November 29th, 2006

A news report caught my eye, “HIPAA Enforcement Swings from Voluntary Compliance to Punishment for Violation of Privacy and Security Laws as States Join Federal Enforcement Under Federal Mandate.”

(more…)

Tags:, , , , , ,
Posted in Privacy and Compliance | 1 Comment »

« Older Entries
Newer Entries »