Highland Council has been found in breach of the Data Protection Act after two laptop computers containing personal information – including the medical details of around 1400 people – were stolen from its Inverness headquarters. Both laptops were password protected and stored in a locked office, but they were not encrypted and no additional security…
Stolen laptop “may have” held customer data
On July 8, a laptop that may have contained some customer information such as names and credit card numbers was stolen from an employee of Henry Schein, Inc. Although the laptop was password protected, the data were not encrypted. By letter dated July 16 to the New Hampshire Attorney General’s Office, Kristen J. Mathews of …
More charges filed against computer fraud suspect
Martin Robinson Bowling, who pleaded guilty and was sentenced (pdf) to three years in prison for computer fraud in November 2008, is now facing embezzlement and identity theft charges. Bowling, whose sentence had been reduced to probation, is one of five people charged in unrelated id theft charges. According to a news story filed by…
Porn Actress Says State Intruded on Privacy
A porn film actress whose positive HIV test made news in June claims [pdf] state health officials violated her rights by demanding her medical records. Filing her complaint under the name “Patient Zero,” the woman sued California OSHA and the Adult Industry Medical Healthcare Foundation. Zero claims that after she tested positive for HIV, the…
Missouri data breach notification law goes into effect soon
Perkins Coie has provided a short synopsis of key requirements of Missouri’s new data breach notification law, which goes into effect on August 28, 2009. ….. In addition to the more common elements of first name or initial and last name in combination with unencrypted Social Security Number, driver’s license number, financial account number, or…
FAQ on Nevada’s Security of Personal Information Law (NRS 603A)
InfoSecCompliance (”ISC”) was recently asked by a prospective client to provide a summary of Nevada’s Security of Personal Information law (NRS 603A) and a recent amendment to the Security Law that incorporated the Payment Card Industry Data Security Standard (”PCI”). ISC decided to try something new and create a Frequently Asked Questions document around the…