Commentaries and Analyses – Page 548

No Business Associate Agreement? $31K Mistake

Posted on April 20, 2017 by Dissent

From HHS: The Center for Children’s Digestive Health (CCDH) has paid the U.S. Department of Health and Human Services (HHS) $31,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule and agreed to implement a corrective action plan. CCDH is a small, for-profit health care provider with…

BakerHostetler 2017 Data Security Incident Response Report Based on 450 Incidents

Posted on April 20, 2017 by Dissent

I don’t post links to most reports with data breach analyses because some are so flawed that they just perpetuate errors some of us have tried to correct. But BakerHostetler handles a lot of breach incidents for their clients, and they’ve issued a report based on 450 incidents they’ve handled. Some of their findings seem quite…

He’s got access to your students’ info and is trying to decide what to do. Now what will YOU do?

Posted on April 17, 2017 by Dissent

So far, I have not attempted to validate the claims in a post spotted on a dark web forum, below. I am posting it in the hopes that it will make some teachers – and school administrators – think about when was the last time they did a password reset, and might this be a good time to…

Healthcare breach reports continued to climb in March

Posted on April 14, 2017 by Dissent

Protenus has released their Breach Barometer report for March. The report is based on 39 incidents that reportedly affected 1,519,521 patients’ records. As noted in recent months, we’ve reached that unhappy stage where we are seeing an average of one or more breach disclosures every day. If this just represented greater transparency, that would be great, but it…

IDENTITY THEFT SERVICES: Services Offer Some Benefits but Are Limited in Preventing Fraud – GAO

Posted on April 12, 2017 by Dissent

It’s what some of us have been saying for quite a while. From their Highlights of a GAO report released last month: What GAO Found Identity theft services offer some benefits but have limitations. Credit monitoring helps detect new-account fraud (that is, the opening of new unauthorized accounts) by alerting users, but it does not…

IE: 2,224 data security breaches reported in 2016, says Data Protection Commissioner

Posted on April 11, 2017 by Dissent

John Kennedy reports: Reports of data breaches to see exponential rise once mandatory reporting rules under GDPR come into force, warns DPC Helen Dixon. Ireland’s Data Protection Commissioner (DPC), Helen Dixon, has reported that the number of complaints over data privacy has increased from 932 in 2015 to 1,479 in 2016. In the annual report for…