James B. Miller reports: In an extensive report, the Office of the State Auditor recently expressed concerns with the North Dakota Department of Veterans Affairs’ handling of the veteran aid loan, hardship assistance grant, impact grant and highly rural transportation grant programs. […] Most notably, the audit found that the Veteran Aid Loan System was…
Category: Commentaries and Analyses
Thousands of Medical Records Left Unsecured–So Who’s Investigating?
A news report from a few days ago is actually a good example of the frustration some experience with OCR investigation of breaches. TL;DR version: a breach was reported by the media in March, 2017. This site also noted it. But now, more than one year later, there have been no consequences for the entity,…
Vietnam’s New Cybersecurity Law and Push for Internet Sovereignty Reduces Freedom
Scott Ikeda reports: On June 12th the Vietnamese National Assembly voted in a new cybersecurity law. The legislation did not come easily having gone through more than 12 drafts and much debate in government and the business sector. The claimed purposes of the legislation are to increase Vietnam’s Internet sovereignty, that is the data of…
Huawei security concerns
Angus Grigg reports: Chinese phone company Huawei has been linked to a major data breach in Africa casting doubt on the company’s claim there is no evidence to back up national security concerns which could see it banned from the rollout of 5G networks in Australia. The revelations centre on an investigation by French newspaper…
NYS Comptroller audit of Town of Ontario, New York
Another disheartening audit involving local government. From the NYS Comptroller’s Office: Town of Ontario – Information Technology, Financial Management and Procurement (2017M-137) Purpose of Audit The purpose of our audit was to evaluate the Town’s IT controls, financial condition and purchasing practices for the period January 1, 2015 through March 2, 2017. Background The Town…
UK: Independent Inquiry into Child Sexual Abuse fined £200,000 for revealing identities of possible abuse victims in mass email
From the Information Commissioner’s Office, this press release: The Independent Inquiry into Child Sexual Abuse (IICSA) has been fined £200,000 by the Information Commissioner’s Office(ICO) after sending a bulk email that identified possible victims of non-recent child sexual abuse. The Inquiry, set up in 2014 to investigate the extent to which institutions failed to protect…