A new workshop report from the Identity Theft Prevention and Identity Management Standards Panel (IDSP) addresses various facets of how research companies measure identity theft. The report finds that disparities exist in the way that terms are defined in statute versus in practice—terms such as identity theft, identity fraud and data breach. […] Rick Kam,…
Category: Commentaries and Analyses
Consumer Watchdog Asks HHS to Repeal Rule Allowing Health Care Providers to Decide When Notification of Breached Electronic Medical Records is Necessary
Consumer Watchdog today called on the Health and Human Services Department to repeal a rule that allows health care providers and insurers to decide whether consumers must be notified when the security of their electronic confidential health information has been breached. In a letter to HHS Secretary Kathleen Sebelius the nonprofit, nonpartisan consumer advocacy group…
Knowing or reckless misuse of personal data – introducing custodial sentences
From the UK Ministry of Justice: Reference Number : CP22/09 Status: Open Open date: 15 October 2009 Close date: 07 January 2010 A consultation on exercising the power to provide for custodial sanctions for those found guilty of knowingly or recklessly obtaining, disclosing, selling or procuring the disclosure of personal data without the consent of…
Call centre recordings could breach payment card industry security rules
From Out-Law.com: More than 95% of call centres were found to store customers’ credit card details in recordings of phone conversations in breach of industry rules, according to a survey conducted by a call recording technology company. Veritape said that when it talked to 133 call centre managers only 39% of them knew about industry…
Audit of DRS data breach completed
Patricia Daddona reports: An audit of a 2007 data breach of state taxpayer’s personal information on a stolen laptop shows the state took too long to address the situation but has since made strides to prevent future incidents. Two years ago, some 106,000 Connecticut taxpayers’ names and Social Security numbers were compromised when an employee,…
Schwarzenegger vetoes Simitian’s privacy protection bill
Governor Schwarzenegger vetoed State Senator Joe Simitian’s (D-Palo Alto) Senate Bill 20. The bill would have strengthened and updated California’s landmark privacy protection law that requires businesses and state agencies to notify residents when sensitive personal information is lost or stolen from their databases. “I’m surprised as well as disappointed by the Governor’s veto,“ said…