A new workshop report from the Identity Theft Prevention and Identity Management Standards Panel (IDSP) addresses various facets of how research companies measure identity theft. The report finds that disparities exist in the way that terms are defined in statute versus in practice—terms such as identity theft, identity fraud and data breach. […] Rick Kam,…
Author: Dissent
UPDATE: Zurich data loss affects 641,000
Leo King reports: Insurance giant Zurich has lost the sensitive personal account details of 641,000 customers held on backup tape. The company admitted the tape had been missing for over a year in South Africa, after it was lost en route to a secure storage unit in August 2008. But it has only just noticed…
House passes bill excluding small healthcare practices from Red Flag Rules
The House of Representatives passed H.R. 3763, a bill that amends the Fair Credit Reporting Act to provide for an exclusion from Red Flag Guidelines for certain businesses. As passed by the House, the following would not be considered “creditors” under the new Red Flag Rules: a health care practice with 20 or fewer employees…
Consumer Watchdog Asks HHS to Repeal Rule Allowing Health Care Providers to Decide When Notification of Breached Electronic Medical Records is Necessary
Consumer Watchdog today called on the Health and Human Services Department to repeal a rule that allows health care providers and insurers to decide whether consumers must be notified when the security of their electronic confidential health information has been breached. In a letter to HHS Secretary Kathleen Sebelius the nonprofit, nonpartisan consumer advocacy group…
EXCLUSIVE: UW-Madison discovers 40 computers used for file-sharing
A site reader alerted DataBreaches.net to a recent breach involving the Department of Chemistry at University of Wisconsin-Madison recently. According to the notification letter, a copy of which was provided to this site, the university notified some faculty and students that their personal information was on 40 departmental computers that had been hacked. In a…
CZ: State institute found to be illegally collecting personal medical data
Christian Falvey reports: The Office for Personal Data Protection says it has never encountered such a large-scale database of illegally collected personal data: information from 200,000 drug prescriptions a day for the last six months showing who uses what kind of medicine. And the body collecting it? The State Institute for Drug Control. What the…