Data Protection Commissioner Billy Hawkes has called on the Health Service Executive to make improving the security of its systems for transferring patient data a top priority. Click here to read the full report In his annual report for 2009, Mr Hawkes also expressed concern at, what he called, ‘the reluctance of some State bodies…
Category: Commentaries and Analyses
Data breaches to cost more in the cloud
Liz Tay reports: Remedying a data breach costs 40 percent more for businesses that store their data offshore, a study of Australian incidents has found. Conducted by the Ponemon Institute and PGP Corporation, the inaugural Australian Cost of a Data Breach report aimed to quantify the costs associated with public and private sector data breaches….
How Identity Theft Is Like the Ford Pinto
Over on Concurring Opinions, Dan Solove describes a new paper by Chris Hoofnagle: Professor James Grimmelmann likes to shop at Kohl’s. So much so that he applied for credit at Kohl’s. And he got it. The problem is that James Grimmelmann didn’t really apply for anything. It was an identity thief. Grimmelmann was a participant…
Chase Isn’t Liable for Assistant’s $1M Fraud
We’ve read about a number of lawsuits where businesses sue their banks for money that was siphoned off in wire transfers without the company being aware of the problem. Here’s a court decision out of the Third Circuit Court of Appeals that may impact some cases down the road and serves as a timely reminder…
Flawed Assumptions in the Albert Gonzalez Case
Evan Schuman of StorefrontBacktalk has a column over on CBS News that points out some of the flaws in lawyers’ arguments revolving around the Albert Gonzalez case, such as arguments that disclosure of retailers’ names would hurt their stock prices. Evan points out what those of us who track breaches know all too well: there…
The DOJ Criminal Division’s Laptop Computer Encryption Program and Practices – Audit Report
From the summary of findings in The Criminal Division’s Laptop Computer Encryption Program and Practices, Audit Report 10-23, March 2010: Criminal Division-Owned Laptop Computers Our review found that of the 40 laptops we tested for encryption software, 10 did not have encryption, and 9 of those 10 did not have Windows passwords enabled. All of…