Posts Tagged ‘privacy’

FTC Fines Mortgage Co. For Tossing PII Into Dumpster: FACTA/FCRA, GLBA, & FTC Act Violations

Wednesday, December 26th, 2007

On December 17 the U.S. Federal Trade Commission (FTC) fined and penalized American United Mortgage Company for throwing the personally identifiable information (PII) and financial information of its customers and consumers into an open, publicly-accessible dumpster.
Under the terms of the penalty, American United Mortgage Company must:

(more…)

Be Prepared For Privacy Breaches!

Friday, December 21st, 2007

This morning I did a podcast interview with bankinfosecurity and they already have it posted!
During the interview I answered and expanded upon five questions and issues:

(more…)

The 12 Threats of Chistmas

Friday, December 21st, 2007

It is time for some humorous entertainment to complement the holiday season, and PGP Corporation has provided it!
Kevin Beaver pointed me to a great YouTube clip, “The 12 Threats of Christmas.”

(more…)

New Wireless = New Vulnerabilities = More Incidents?

Thursday, December 20th, 2007

Most folks are looking at what’s coming in 2008. Heck, let’s go a bit further and look at some potentially big changes slated for 2009!
I just read an interesting Business Week story, “Just Ahead: A Wider Wireless World.”
In February, 2009 analog television broadcasting will be terminated.

(more…)

New Wireless = New Vulnerabilities = More Incidents?

Thursday, December 20th, 2007

Most folks are looking at what’s coming in 2008. Heck, let’s go a bit further and look at some potentially big changes slated for 2009!
I just read an interesting Business Week story, “Just Ahead: A Wider Wireless World.”
In February, 2009 analog television broadcasting will be terminated.

(more…)

Information Security Survey for Financials

Thursday, December 20th, 2007

I just learned about a new survey that’s going on, “The State of Information Security Survey 2008.”
Bankinfosecurity is using it to try to get the best picture of how financial institutions are doing when it comes to information security at their institutions.

(more…)

Responding To Customers Asking About Your Company’s Use of SSNs

Wednesday, December 19th, 2007

For the past 10 years I have been driving the same, reliable, non-troublesome car. It still looks good enough (I don’t really worry about driving an “it” kind of car). However, it is getting a bit rattly, and my friends have been increasingly giving me a hard time about continuing to drive it past the 200,000 mile mark. I never really cared much until my starter went out a couple of months ago. I wondered, what if this had happened to me while I was in a neighboring state at a client site? Sure, I have AAA, but it would still be a hassle. So, I decided if I saw a car I really liked and that had all the features I wanted, I would splurge and get a new car.
Well…I just happened to find a car I absolutely loved after seeing and driving it. I was at the dealer paying for it yesterday, and the sales person asked for my Social Security Number (SSN).

(more…)

Supporting Compliance With ITIL

Tuesday, December 18th, 2007

Organizations have faced legal and regulatory requirements for literally decades. However, IT compliance is relatively young.
U.S. healthcare organizations reacted with alarm over the passage of the Health Insurance Portability and Accountability Act (HIPAA) of 1996. The U.S. financial organizations soon followed suit with their reaction to the passage of the Gramm Leach Bliley Act (GLBA), also known as the Financial Modernization Act, of 1999. But probably the biggest whammy felt by the largest numbers of organizations was the passage of the Sarbanes Oxley (SOX) Act of 2002.

(more…)

18 IT Compliance, Info Sec & Privacy Links to Fortune’s 101 Dumbest Business Moments in 2007

Monday, December 17th, 2007

Tis the season for lists upon lists upon lists. However, Fortune’s “101 Dumbest Moments in Business” for 2007 caught my eye for being rather unique-sounding. There were *MANY* dumb information security and privacy business moments in 2007; I wondered, did Fortune recognize any of them?
I took the time to flip through them quickly…ah, yes! Quite a fun exercise! And here at least 18 IT compliance, info sec and/or privacy links to the Fortune 101 list:

(more…)

18 IT Compliance, Info Sec & Privacy Links to Fortune’s 101 Dumbest Business Moments in 2007

Monday, December 17th, 2007

Tis the season for lists upon lists upon lists. However, Fortune’s “101 Dumbest Moments in Business” for 2007 caught my eye for being rather unique-sounding. There were *MANY* dumb information security and privacy business moments in 2007; I wondered, did Fortune recognize any of them?
I took the time to flip through them quickly…ah, yes! Quite a fun exercise! And here at least 18 IT compliance, info sec and/or privacy links to the Fortune 101 list:

(more…)