Commentaries and Analyses – Page 845

ICO outlines business case for privacy

Posted on March 4, 2010 by Dissent

In The Privacy Dividend, a report published on 4 March 2010, it said public and private sector organisations can use business cases to justify spending on privacy protection. It says the benefits of protecting privacy derive from four areas in which information has value. Firstly, protecting personal information as an asset can help to make…

Medical identity theft strikes 5.8% of American adults

Posted on March 3, 2010 by Dissent

Ellen Messmer reports: Identity thieves are not only interested in tapping financial resources, but are also after your medical identification data and services. Medical identity theft typically involves stolen insurance card information, or costs related to medical care and equipment given to others using the victim’s name. Roughly 5.8% of American adults have been victimized,…

Verizon releases framework for reporting security incidents

Posted on March 2, 2010 by Dissent

William Jackson reports: Verizon Business on Monday released for public use a framework for collecting and reporting information about security incidents in the hope of creating a standardized way for government and industry to share information about breaches. “If we don’t have a common language to collect and communicate data, we are going to be…

OCR/HHS reveals two more breaches

Posted on March 1, 2010 by Dissent

The public list of breaches reported to HHS under the HITECH Act was updated to add two entries. Both entries are associated with the same business associate: MSO of Puerto Rico. I do not see anything on the web sites of the covered entities or the business associate about the incident nor did I see…

Lost or stolen?

Posted on February 28, 2010 by Dissent

In the big scheme of things, it may be small breach report. But the difference between what Ameriprise Financial told the state attorney general and what they told the client caught my eye. In a notification letter to the New Hampshire Attorney General’s Office, Ameriprise Financial Services informed the state that they had had a…

“It is an understatement to say that BlueCross regrets this data breach.”

Posted on February 27, 2010 by Dissent

The breach disclosure notification provided by BCBS of Tennessee to the Maryland Attorney’s General Office has just been made available online. The detailed letter about the theft of 57 hard drives from a Chattanooga facility, dated December 16, 2009, provides additional insight into the mammoth chore BCBS faced trying to determine what data were…