Yesterday Twitter reported here and here that several (33 to be exact) Twitter accounts were hacked into. This is in addition to the current, but separate, Twitter phishing…otherwise known as “twishing“…exploit that is simulatenously going on.
Posts Tagged ‘privacy training’
Audit’s Role in Privacy Breach Response
Monday, January 5th, 2009Next week, on Wednesday, January 14, I will be in Minneapolis, MN speaking at the Minneapolis Gateway Hotel for the ISACA Winter Quarterly Meeting/Social.
My topic will be, “Internal Audit’s Role in Responding to Privacy Breaches.”
Here’s a synopsis…
Business Info Fact Of The Day: Data Multiplies Faster Than Cockroaches And Some Bacteria!
Monday, January 5th, 2009Is it any wonder organizations have a hard time protecting their data, let alone knowing where it all is?
Surveillance: Iowa Support’s Wife’s Privacy Invasion Claim
Sunday, January 4th, 2009Privacy-related news in Iowa…and there seems to be a lot of it sometimes…is always of special interest to me. I often wonder how the same types of situations would play out in other states. Here’s an invasion of privacy case regarding in-home surveillance that is particularly interesting…
CORRECTION: Massachusetts Data Protection Law Takes Effect May 1, 2009
Saturday, January 3rd, 2009A big thank you to Brandon Dunlap and Brett Myers for catching an error I made in my January 1 post…
New Data Protection Laws Go Into Effect Today
Thursday, January 1st, 2009Happy New Year!
Several news laws go into effect today. Here are just a few of them…
Using Speeding Surveillance To Get Your Enemies In Trouble
Wednesday, December 31st, 2008Well, you knew this type of abuse would happen sooner or later…
HIPAA Violation: Medical Clinic Leaves Box With PHI On Public Dumpster
Tuesday, December 30th, 2008This summer I had planned to do a dumpster-diving project with my sons, but then the Iowa floods postponed those plans. However, after reading the following I’m motivated to plan to do this in the spring after basketball and G&T activities are finished for the winter…
Insider Threat Example: 19,000 Pieces Of Computer Equipment Stolen; Why Didn’t Someone Notice?
Monday, December 29th, 2008Okay, this story begs the question, why didn’t someone at the Naval Research Laboratory notice disappearing equipment…?
New HHS Guidance States HIPAA Does Not Apply To PHRs
Sunday, December 28th, 2008I hope you are all having a wonderful holiday season! I hadn’t planned to take the past few days off from blogging, but something like the flu (probably the flu) hit me like a bag of bricks on Christmas day and I’ve been curled in a fetal position in my bed for the past few days. Oddly enough while laying there feeling like my bones were all slowly dissolving (and thinking about the types of body braces you’d need to create to deal with something like that!) I was also thinking about how silly it was for the Health Insurance Portability and Accountability Act (HIPAA; and any industry-specific data protection law) to define that the only organization’s that would legally need to safeguard protected health information (PHI) are the narrowly defined covered entities (CEs); healthcare providers, healthcare insurers and healthcare clearinghouses.
