A childhood friend of mine, who does not have a technology or information security background, recently asked me whether or not apps that promise messages, photos, videos, and anything else sent through them will completely disappear were to be trusted. She referenced several different proclaimed “disappearing messages” apps that are currently available and asked, “So what do you think of these disappearing apps? The messages are not really gone?” She is responsible for the care of an adult relative, and wanted to be able to communicate with his healthcare providers securely, and to not have any of the communications to linger and had been using one of these apps. (more…)
Posts Tagged ‘privacy awareness’
No Those Messages Will Not Completely Self-Delete
Friday, October 30th, 2015Four Things to Do for National Cyber Security Awareness Month
Friday, October 16th, 2015Since this is National Cyber Security Awareness Month (NCSAM) it seems appropriate to give some examples and tips for how everyone can improve upon security, and better protect their privacy, this month. (more…)
Improve Information Security and Privacy Now!
Monday, December 22nd, 2014Too many businesses have poor information security controls in place (e.g,. demonstrably Sony, Staples, and a seemingly infinite number of other companies) and are basically giving their intellectual property, and the personal information they are responsible for, away.
A recent Sailpoint survey reveals that: (more…)
5 Effective Ways to Raise Privacy Awareness
Thursday, December 18th, 2014Have you made plans for Data Privacy Day (DPD) yet? What, you’ve never heard of DPD? You can see more about it here. Or, have you heard about DPD, but you’ve not yet had time to plan for it? Well, I love doing information security and privacy awareness activities and events! I’ve been doing them for 2 ½ decades, and have written about them often, and included a listing of 250 awareness activities in my Managing an Information Security and Privacy Awareness and Training Program book.
Here are five of the ways that I’ve found to be very effective for raising privacy awareness throughout the years. (more…)
Privacy Awareness: Moving from “I have nothing to hide” to “Oh dear!”
Wednesday, December 10th, 2014The day before Thanksgiving here in the U.S. I had the great pleasure of speaking with a couple of consumate information security experts from across the pond in England and Norway, Kai Roer and Mo Amin, on an episode of their Security Culture TV! We chatted about how to get folks to be more aware of privacy risks, and how to change their mindset to a more privacy proactive stance. You can see this episode here.
When you look at recent breaches, it is clear that awareness of information security and privacy risks, and how to mitigate them, is not getting the attention necessary by leaders of organizations. Why else would (more…)
Community Information Security and Privacy Awareness
Monday, April 27th, 2009Today I read a nice article describing a presentation about information security, “Cyber safety tips shared“…
My Son Caught A “Hacker”!
Thursday, April 23rd, 2009NOTE: Just realized today is Take Your Child To Work Day so this is timely! 🙂
My sons, 12-years-old and 9-years-old, have been with me a lot while I work in my home office over the years, and they have a strong interest in much that I do. I even ask them to read the articles I write for Protecting Information since I want that publication to be informational to not only personnel, but also all the personnel’s family members.
It amazes me how much my sons soak up that I’m not even aware of…
2 More Things In History That Could Have Improved Infosec & Privacy
Wednesday, April 22nd, 2009Late last week I blogged about a question I got while at InfoTec in Omaha last week, “2 Things In Computing History That Could Have Improved Information Security and Privacy“…
Breach Notices, Securing PHI & PHR Vendor Responsibilities Under HIPAA/HITECH Act
Tuesday, April 21st, 2009Last Friday the US Department of Health and Human Services (HHS) released, at the last possible moment to meet their deadline, their interim final regulations to require covered entities (CEs) under the Health Insurance Portability and Accountability Act (HIPAA) and their business associates (BAs) to provide for notification in the case of breaches of unsecured protected health information (PHI) as required by the HITECH Act.
If you’ve read any of the at least 47 U.S. state and territory beach notice laws you will get a strong sense of deja vu while reading this document. They borrowed HEAVILY from the various existing breach notice laws to estblished their proposed definitions of securing PHI, what constitutes a “breach” of PHI, and for doing breach notifications.
There are two major issues…
HIPAA Requirements Changes & Business Associates Impacts From HITECH Act
Monday, April 20th, 2009Last week I engaged in a very interesting tweetversation with David Mortman about when the U.S. Department of Health and Human Services (HHS) needs to get their guidance documents and rules published for the various HITECH Act requirements…
