As of today’s date, breach compilations by both the Identity Theft Resource Center and Open Security Foundation indicate that there were fewer breach reports in 2009 relative to 2008. While some of the apparent decrease may be due to two sources used last year not being available online for the second half of this year,…
Category: Commentaries and Analyses
Massachusetts’s Highest Court Delivers BJ Wholesalers (and other Retailers) a Data Breach Liability Gift
David Navetta of InformationLawGroup has an analysis of the recent court decision in Cumis Insurance Society, Inc. v. B.J. Wholesale Club decision, reported here earlier this month. This blog post dives into and analyzes the Supreme Court Decision, and looks at it in context against similar decisions. Overall, in terms of issuing banks recovering for…
Apres le breach, yet another call for greater cooperation to fight data theft
And the year draws to a close as it opened: with a call for greater cooperation in preventing security breaches. At the beginning of the year, it was Heartland Payment Systems. Now, following lawsuits against it by restauranteurs in Louisiana who were hacked while using one of its POS applications, Radiant Systems is trying to…
So where are the breach reports on HHS?
The following is cross-posted from PHIprivacy.net: Under the provisions of the HITECH Act that went into effect several months ago, covered entities are required to report breaches involving the unsecured protected health information of 500 or more individuals to the Secretary of the U.S. Department of Health & Human Services. Unfortunately, HHS watered down the…
Some yearly round-ups on breaches
It’s that time of the year, and some firms and journalists have begun looking back at 2009. Here are some round-ups I’ve seen recently: Perimeter E-Security Exposes Top Ten Biggest Security Breaches and Blunders of 2009 The Year Of The Mega Data Breach 2009: a year of incident, loss, malware and ultimately education Ten Most…
No law, no investigation. So change the law!
On August 28, Missouri’s new data protection law went into effect. Fat lot of good it did for past clients of Nationwide Credit Counseling. When their financial records, replete with personal information, were found in bankers boxes in a dumpster , were they notified of the breach? No. And was any action taken against the…