Commentaries and Analyses – Page 840

NY: Glenville personal data exposed

Posted on June 24, 2010 by Dissent

Lauren Stanforth reports: The town did not protect sensitive personal information when it used employee Social Security numbers on unsecured time sheets and unnecessarily kept credit card information of those who paid traffic fines, according to a state comptroller’s audit released Tuesday. The audit, which reviewed practices from January 2008 to March 2009, found that…

One in five Android apps exposes private data -updated

Posted on June 23, 2010 by Dissent

Emma Woollacott writes: Nearly ten thousand Android applications give third party apps access to private or sensitive information, says a report from SMobile Systems. One in five of the 48,000 apps available grants a third party application access to private or sensitive information that an attacker could use for malicious purposes, such as identity theft,…

SSA teleworkers may be putting personal data at risk, IG says

Posted on June 14, 2010 by Dissent

# Alice Lipowicz reports: While teleworking is improving morale at the Social Security Administration, it also may be exposing individuals’ personal information to unauthorized disclosure via employees’ computers, according to a new report from the SSA Office of Inspector General. […] “We [have] determined [that] Office of Disability Adjudication and Review practices may have exposed claimant data…

Insurers Deny Coverage for Breach Notice Costs (and why companies should consider cyber insurance coverage and why brokers should offer it)

Posted on June 11, 2010 by Dissent

David Navetta comments on the litigation involving the University of Utah, Perpetual Storage, and Colorado Casualty Insurance Co. You may wish for a scorecard to keep all the players straight: It was recently reported that an insurance carrier (Colorado Casualty Insurance Co.) denied coverage (and filed a lawsuit) for the $3.3 million in costs the…

SB hospital fined $325,000 for breach of patient records (updated)

Posted on June 10, 2010 by Dissent

Lora Hines reports: Community Hospital of San Bernardino has been fined a total of $325,000 for breaches of more than 200 patient records by two employees in 2009. Community Hospital is one of five facilities statewide recently fined $675,000 for unauthorized access of nearly 230 medical records for more than 200 patients in violation of…

UK: Data Protection Act is out of kilter with EU law, warns privacy lawyer

Posted on June 9, 2010 by Dissent

Warwick Ashford reports: The single most important change required in UK data protection regulation is to bring the law into line with European legislation, says Stewart Room, partner at law firm Field Fisher Waterhouse. Section 13 of the UK Data Protection Act (DPA) is totally out of kilter with the EU directive on personal data,…