Posts Tagged ‘privacy incident’

Another Approach To Licensing Compliance

Sunday, November 25th, 2007

My blog posting from earlier talked about how the MPAA is trying to combat movie piracy.
I just visited the LinkedIn site and was intrigued to find an ad from the Business Software Alliance (BSA) offering up to $1,000,000…yes, US $1 million …for reporting illegal software and copyright infringements by organizations, by a distributor, or over the Internet.


Don’t Throw Away The Privacy Of All And Jeopardize Network Security To Run A Compliance Tool

Sunday, November 25th, 2007

Many times software designed to enforce legal compliance, or find network users who are breaking laws, bring along with them greater risks to information security and privacy.


Show “Home Alone” To Raise Social Engineering Awareness

Saturday, November 24th, 2007

I hope those of you who celebrated Thanksgiving had a great one! I spent a very nice day with my family at my brother’s house. After getting back home we decided to watch some Christmas movies, so we spent the evening watching one of my very favorites, “A Christmas Story” and then “Home Alone.”


Show Your CFO and CEO the Potential Financial Impact of a Privacy Breach

Friday, November 23rd, 2007

My central Iowa Infragard president, Tom Conley sent all our members a note on Wednesday with a link to a site that contains 9 variables to help demonstrate the range of financial impact to organizations that experience an incident involving personally identifiable information (PII).


Something You Should Know: FTC Is Aggressively Going After Companies With Poor Security

Sunday, October 7th, 2007

Of all the U.S. government regulatory oversight agencies, the Federal Trade Commission (FTC) is the most active and aggressive in looking for and applying penalties to organizations that not only are in noncompliance with laws and regulations, but also those who are not in compliance with their own information security and privacy promises; in other words, those that are practicing “unfair and deceptive trade practices.”


Why Would You Trust Microsoft To Store Your Sensitive Health Information?

Thursday, October 4th, 2007

Today Microsoft launched their new web portal, HealthVault to store, for free, “medical histories, immunization and other records from doctors’ offices and hospital visits, including data from devices like heart monitors. It is also tied to a health information search engine the software maker launched last month.”


PII for 60,000 Lost In Yet Another Incident: Know How To Address The Risks Involved With Entrusting PII To Business Partners

Thursday, September 13th, 2007

Yesterday yet another incident occurred where a business partner / vendor lost the personally identifiable information (PII) for which they had been entrusted. Americhoice sent a CD containing the PII of 67,000 individuals to TennCare via overnight UPS delivery.


The Need to Build Security In: Poor Implementation of Indianapolis Public Schools Website Allows Viewing of PII For 7000+ Students and Teachers

Friday, May 18th, 2007

Today Monsters and Critics reported, “Indianapolis Public Schools exposes thousands to risk of identity theft.”
Apparently the Indianapolis Public Schools (IPS) website “that allows teachers to post reviews, student-writing samples, grades, and other confidential material to the IPS network” was implemented and configured without much attention to security.


Vulnerabilities of Transport Services & Privacy Incident Example: Wellpoint CD Containing PII of 75,000 People, Lost During UPS Transport, Found

Friday, March 16th, 2007

A CD containing the clear text personal information of 75,000 WellPoint Empire Blue Cross and Blue Shield New York members that was reported lost on February 9 while being transported by UPS has been found.
The CD was lost when one of Wellpoint’s outsourced vendors, Health Data Management Solutions, sent the CD via UPS to Magellan Behavioral Health Services.