Posts Tagged ‘security training’

“Secure Your ID Day” is April 18

Tuesday, April 14th, 2009

I’m in Omaha to speak tomorrow at the Infotec09 conference and I heard on the local news that “Secure Your ID Day” is April 18…

(more…)

“Secure Your ID Day” is April 18

Tuesday, April 14th, 2009

I’m in Omaha to speak tomorrow at the Infotec09 conference and I heard on the local news that “Secure Your ID Day” is April 18…

(more…)

Pointers to interesting & useful information security, privacy & compliance info

Monday, April 13th, 2009

I’ve been using Twitter for a couple of months now. I never saw the value of using Twitter before this time, and in fact had a completely different view of what it was “all about” until I actually started using it. I’m so glad I did! I’ve found it to be a very valuable communications tool, and I’ve made some wonderful new contacts and friends, from all over the world, through using it.

(more…)

You aren’t in Kansas anymore, ToTo…you’re in virtual Kansas!

Thursday, April 9th, 2009

Oh; and, by the way, what the heck are virtual worlds? Aren’t they something that only kids use?

(more…)

Measuring The Effectiveness of Information Security & Privacy Awareness & Training

Wednesday, April 8th, 2009

I’m a longtime advocate of creating a wide range of metrics to determine the effectiveness of the various components of information security, privacy and compliance programs.

(more…)

Privacy Breach Lesson: Encrypt Mobile Digital PII!

Monday, April 6th, 2009

Once more, here is an example of how carelessness and/or a mistake leads to a privacy breach…

(more…)

What Corporate Business Leaders Need To Know About Data Protection

Friday, April 3rd, 2009

The first chapter of my new ebook, “Understanding Data Protection from Four Critical Perspectives” has been published!
The first chapter is “What Corporate Business Leaders Need To Know About Data Protection” and is written to an audience of CEOs and other executive business leaders who may not have an IT or information security background. I wrote this chapter for information security and privacy practitioners and officers to be able to give to their executive business leaders to help them understand data protection and compliance better, in addition to helping to get them to sponsor data protection efforts.
Here’s the introduction to the chapter, which also provides an overview of the book:

(more…)

Pros & Cons Of Surveillance Cameras For Compliance

Thursday, April 2nd, 2009

We had a very interesting discussion on Twitter this morning about the practice of automatically photographing license plates to use for parking, tickets, etc…

(more…)

Ongoing Awareness Communications and Regular Training Are Necessary For Effective Information Security & Privacy Programs

Wednesday, April 1st, 2009

Scott Wright over at Streetwise Security Zone graciously invited me to do a podcast interview with him to discuss information security, privacy and compliance training and awareness issues. In the last half of February I had the pleasure of taking him up on his invitation!
You can hear the full podcast here.
Here are the notes Scott compiled about our discussion topics:

(more…)

HIPAA Sanctions and Convictions Will Increase with HITECH Act & New Administration

Tuesday, March 31st, 2009

Upon reading and researching HIPAA and the impact of the HITECH Act upon it, basically broadening its applicability as well as adding new requirements for privacy breach notifications, I recently was compelled to write an article about what I foresee as likelihood that, after a very frustratingly slow start (by several years!) of HIPAA enforcement, increasingly more HIPAA sanctions will be made in the coming months and years.
SearchCompliance printed my article in three parts in their Compliance Tips section…

(more…)