Commentaries and Analyses – Page 821

What’s with the increasing demands to have breached entities fined?

Posted on November 4, 2010 by Dissent

There’s been a growing clamor both here and abroad to have entities who have had data breaches fined. And while the ICO has been promising that such fines are “imminent” and will be announced before the end of this month, I find myself wondering why we, the public, are becoming increasingly strident in our call for…

Is it legal to use Firesheep at Starbucks?

Posted on November 1, 2010 by Dissent

Gregg Keizer reports: People using the Firesheep add-on may be breaking federal wiretapping laws, legal experts said today. Or maybe not. “I honestly don’t know the answer,” said Phil Malone, a clinical professor of law at Harvard Law School as well as the director of the school’s Cyberlaw Clinic at the Berkman Center for Internet…

Indiana sues WellPoint over delayed breach notification

Posted on October 29, 2010 by Dissent

The Indychannel reports: The attorney general’s office is suing health insurance giant WellPoint Inc. for $300,000 for waiting months to notify customers that their medical records, credit card numbers and other sensitive information may have been exposed online. The lawsuit filed Friday in Marion County accuses WellPoint of violating a state law that requires businesses to…

Ca: Personal data at risk, study found

Posted on October 28, 2010 by Dissent

Dana Flavelle reports that private investigators hired by an association of secure document disposal companies found lots of personal information in dumpsters in the Greater Toronto area. Doctors offices and car dealers got an unwanted shout-out in their findings. Most organizations, especially large banks and hospitals, are doing a good job of disposing of sensitive…

Hospital Breach by Job Applicant

Posted on October 28, 2010 by Dissent

Over on the EMR and HIPAA blog, John says he’s torn about the case where a young man has been charged for his somewhat poorly thought out approach to a job interview with Houston Healthcare: … Honestly, Robert Rhodes, chief information officer for Houston Healthcare, just sounds like an angry CIO whose security efforts were torn…

GAO – Information Security: National Archives and Records Administration Needs to Implement Key Program Elements and Controls

Posted on October 27, 2010 by Dissent

Information Security: National Archives and Records Administration Needs to Implement Key Program Elements and Controls GAO-11-20 October 21, 2010 Summary: The National Archives and Records Administration (NARA) is responsible for preserving access to government documents and other records of historical significance and overseeing records management throughout the federal government. NARA relies on the use of…