Seeing all these really bad information security incidents and privacy breaches, often daily, are so disappointing. Let’s consider these four in particular.
- The Sony hack that seems to continue to get worse as more details are reported.
- An ER nurse using the credit cards of patients.
- Breaches of Midwest Women’s Healthcare patient records due to poor disposal practices at the Research Hospital.
- TD Bank’s outsourced vendor losing two backup tapes containing data about 260,000 of their customers.
And the list could continue for pages.
These incidents, and most others, probably could have been prevented if an effective information security and privacy management program existed that was built around three primary core elements: (more…)