When it comes to data breaches and the legislation governing them, you can divide the laws into two different camps: the ones where a monetary penalty is assessable and the ones where it isn’t. The use of data security software like AlertBoot managed disk encryption for laptops can provide safe harbor from such fines, which […] read more
Orangeburg-Calhoun Technical College, known as OCtech, has issued a press release alerting students and faculty that a laptop was stolen from the school’s premises. They make it a point to note that sensitive data on the laptop was stored in a not so “easily recognizable format”; however, it is questionable whether that refers to something […] read more
Data breaches and breach notifications: stuff only big businesses have to be worried about, right? Apparently not, according to Vermont’s Attorney General: “At this stage of the game, having seen widely reported data breaches at big retailers like Target and dozens of others, we will not accept the excuse that a business did not know […] read more
UK Data Breaches: ICO Reviewing Impact Of Monetary Penalties, Threatens "Contempt Of Court" Charges.
The UK’s Information Commissioner’s Office (ICO) is investigating the effects of monetary penalties on organizations that breach the Data Protection Act (DPA). With the ability to fine up to £500,000, the monetary penalty is a formidable way DPA enforcement tool: not only does the fear of a large fine prompt action, it spreads the news […] read more
Desktop Encryption: LA County Encrypts All Workstations, Will Require The Same From Contracted Agencies.
It escaped my notice, so I’m opining on this three weeks late – to be honest, a quick search seems to indicate that almost no one covered this particular development – but Los Angeles County has moved to up their data security by pursuing workstation encryption, as seen in this motion. All I can say […] read more
It’s hard to believe that in this day and age people still associate “password-protection” with actual, real data protection. At least, that’s what’s implied by the people who’ve released breach notifications for Alaska’s Mallott gubernatorial campaign and Sharper Future, a “private sector mental health provider.” Who, exactly, did these organizations consult with to make these […] read more
Maricopa County Community College District (MCCCD) is making the news again… for the same data breach (yet again). The site azcentral.com is reporting that MCCCD’s costs related to last year’s data breach has gone up yet once more, by another $2.3 million. The college district has spent nearly $20 million since the data breach was […] read more
eBay, the online auction powerhouse based in San Jose, California, has announced that hackers infiltrated the company’s networks. The intrusion’s damage was mitigated to an extent by the use of data encryption; however, the company is asking all users to change their passwords. Although the extent of the damage is not yet know, it appears […] read more
Another data breach lawsuit, another case that’s tossed out of court for “lack of standing.” When TRICARE was saddled with one of the largest data breaches of all time – over 4.7 million people affected when backup tapes were stolen from a parked car – it was certain that SAIC, the vendor who was at […] read more
There are many articles out there claiming that the Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS) has issued its largest HIPAA fine to date, a total of $4.8 million to New York Presbyterian Hospital and Columbia University Medical Center. The story is inaccurate but raises interesting points when […] read more