John E. Dunn reports: The Information Commissioner’s Office (ICO) is burnishing its credentials as a centre of best practice by publishing a hit-list of the top security weaknesses it says are the root cause of many of the data breaches it investigates. Protecting Personal Data in Online Services: Learning from the Mistakes of Others serves as…
The Anatomy of an FTC Privacy and Data Security Consent Order
Daniel Solove and Woodrow Hartzog write: The Federal Trade Commission (FTC) recently entered into a consent order with the media service Snapchat for not living up to its promises about how it maintains the privacy and security of user’s data. The FTC order prohibits Snapchat from “misrepresenting the extent to which it maintains the privacy, security, or confidentiality of…
States Selling, Sharing Risky Personal Health Data
Greg Slabodkin reports: Nearly all states collect hospital discharge data with 33 states selling or sharing de-identified information–not covered under HIPAA. That raises concerns that the hospitals are turning over data potentially vulnerable to re-identification, according to the Federal Trade Commission. Read more on Health Data Management.
Two NYU College of Dentistry employees busted last year for stealing and misusing patient credit card information
Larry Celona and Christina Carrega-Woodby report: A marijuana bust led police to uncover a massive identity theft operation that officials at the prestigious university tried to hush up, law enforcement sources told The Post. Joel Scott and James Giscombe Jr., who work with patients treated at the school, were busted last summer for allegedly lifting…
UK: Moray Council employee left sensitive info on children in a café
The Moray Council has signed an undertaking to improve data protection following an incident in July 2013 when a bundle of papers with personal and sensitive personal data was left in a local café. The papers related to a Moray Permanence Panel hearing and contained detailed reports regarding the adoption of two children, as well as shorter reports relating to 19 further…
UK: Moray Council employee left sensitive info on children in a café
The Moray Council has signed an undertaking to improve data protection following an incident in July 2013 when a bundle of papers with personal and sensitive personal data was left in a local café. The papers related to a Moray Permanence Panel hearing and contained detailed reports regarding the adoption of two children, as well as shorter reports relating to…