From a newly released GAO report: Although the six federal agencies that GAO reviewed (the Departments of Energy (DOE), Homeland Security (DHS), State, and Transportation (DOT), the Environmental Protection Agency (EPA) and the Office of Personnel Management (OPM)) generally established security and privacy requirements and planned for assessments to determine the effectiveness of contractor implementation…
Month: September 2014
PERSONNEL SECURITY CLEARANCES: Additional Guidance and Oversight Needed at DHS and DOD to Ensure Consistent Application of Revocation Process
From a newly released GAO report: The Department of Homeland Security (DHS) and the Department of Defense (DOD) both have systems that track varying levels of detail related to revocations of employees’ security clearances. DHS’s and DOD’s data systems could provide data on the number of and reasons for revocations, but they could not provide…
AU: OAIC data breach guidelines emphasise importance of notification
David Braue writes: Notification of data breaches should be one of the four key steps organisations undertake in response to any detected breach, new guidelines from the Office of the Australian Information Commissioner (OAIC) recommend. The new guidelines – recently published in the OAIC’s Data Breach Notification Guide – are designed to help companies comply with the…
Tech Firms Ask Congress to Redefine Medical Privacy Rules
Kerry Young reports: Tech firms, including Amazon.com Inc., are asking Congress to redefine the rules on medical privacy, saying the potential risks of disclosure should be weighed again against the potential benefits of wider sharing and easier access to crucial health data. Executives of tech companies and health organizations have told the House Energy and…
Home Depot Confirms Data Breach
From their web site today: Last Tuesday, September 2, we disclosed that we were investigating a possible breach of our payment data systems. We want you to know that we have now confirmed that those systems have in fact been breached, which could potentially impact any customer that has used their payment card at our…
SC: Some Dorn V.A. Hospital veterans' information may be compromised
WLTX reports: The Dorn Veterans Administration Hospital in Columbia says some old records are missing, and is warning veterans that their personal information could be compromised. According to Dorn officials, four boxes of pathology reports that were stored in a locked area in the medical center laboratory are gone. The loss of the records was…