It’s not just U.S. school districts that have been suffering breaches. Here’s one from Canada that was reported last week by Luisa D’Amato: Canada Post has lost two rolls of microfilm containing the personal information of more than 2,200 Waterloo Region residents who left or graduated from high school six years ago. The microfilms were being…
California Strengthens its Data Breach Notification Law
Joseph Lazzarotti writes: As we suspected, California’s current governor, Edmund G. “Jerry” Brown, Jr. (D), signed into law S.B. 24, which adds some additional protections to the state’s current data breach notification requirements. The champion of this law and its recent enhancements, State Sen. Joe Simitian (D-Palo Alto), has finally succeeded after a number of prior attempts to pass this measure…
Kr: Report on hacking incidents to be required of companies
All listed and financial companies must report a security breach, with the scope of disclosure on major management issues including M&As being expanded to hacking incidents. The Knowledge Economy Ministry said Thursday that as early as 2014, companies must inform whether they have been hacked and how they can cope with such incidents on either…
TX: 2 Birdville students hack into school district’s network
Yesterday, it was the school district in El Paso. Today, it’s Birdville reporting a breach. Jessamy Brown reports: Two students from Birdville schools hacked into a school district network server and accessed a file with 14,500 student names and social security numbers, a Birdville spokesman said Thursday. Birdville superintendent Darrell Brown on Thursday mailed a…
HHS extends comment period on human subjects research proposals
Melissa Bianchi writes: The U.S. Department of Health and Human Services (HHS) today extended the public comment period for its new proposed requirements for human subjects research under the Common Rule. HHS’ proposal includes significant new data privacy and security obligations on research entities, including the creation of mandatory data security and information protection standards for all…
Victory for DNA Privacy Rights
Brendon Tavelli writes: On August 25, 2011, the Massachusetts Appeals Court, in a case of first impression, ruled that the state crime lab’s retention of an individual’s DNA sample beyond the limitations promised to him by the police when they took the voluntary sample state a claim for invasion of privacy, and for violation of the…