Data from independent research, Effective Management of Safe & Secure Openings & Identities, shows 82 percent of public, private and 2-year specialized colleges and universities believe they are not very effective at managing safe and secure openings or identities. Only 18 percent believe they are very effective at granting or denying access to appropriate individuals or…
Category: Commentaries and Analyses
Breaches: Study Shows Over 806.2 Million Records Disclosed, Estimated Cost of $156.7 Billion
I’m still playing catch-up with everything I missed thanks to NatGrid’s profound incompetence in restoring power after a tropical storm knocked us offline. Here’s a press release I had missed: The Digital Forensics Association announces the release of their second annual data breach report. “The Leaking Vault 2011- Six Years of Data Breaches” analyzes 3,765…
HHS submits its annual report to Congress on breaches
The U.S. Department of Health and Human Services Office for Civil Rights has submitted its mandated report to Congress on breach reports it has received. The report covers incidents reported between September 23, 2009 (the date the breach notification requirements became effective), and December 31, 2010. Here are some of the highlights of the report:…
North Carolina psychologist settles state charges for dumping patients’ records, agrees to pay $40,000
The following press release from North Carolina Attorney General Roy Cooper is a follow-up to a breach previously covered on PHIprivacy.net: Dr. Ervin Batchelor of the Carolina Center for Development and Rehabilitation in Charlotte has paid $40,000 for illegally dumping files containing patients’ financial and medical information, Attorney General Roy Cooper announced Wednesday. “Any business you entrust with your information has a…
(Update and Commentary): Why are states withholding the names of breached entities?
Yet another recent press release – this one from the U.S. Attorney’s Office in Connecticut – shields the name of the breached entity: David B. Fein, United States Attorney for the District of Connecticut, announced that NATASHA SMITH, 25, of Georgia, formerly of Far Rockaway, New York, waived her right to indictment and pleaded guilty yesterday,…
Breach Notification: Time for a Wake Up Call
Mark G. McCreary has an article on CIO Insight, “Breach Notification: Time for a Wake Up Call,” that discusses how the Epsilon breach produced a seismic change in what kinds of breaches now get reported. You can read his article here.