Earlier this week, the US Customs and Border Protection (CBP) responded to Senator Ron Wyden’s inquiries regarding electronic device searches at US borders (more specifically, airports). As numerous media outlets have relayed, CBP “admitted” that they do not have the authority to search data that is “solely” in the cloud, data that is not the […] read more
The UK’s Information Commissioner’s Office (ICO) has fined an insurance company, Royal & Sun Alliance (RSA), a total of £150,000 for the theft of an external storage device with information on nearly 60,000 clients (and credit card details for 20,000 people). Stolen From a Locked Room Unlike your run-of-the-mill hard drive theft cases, there […] read more
Arstechnica.com reported about a week ago that the 2nd US Circuit Court of Appeals ruled that “All your disk image are belong to us.” Per the article, 12 out of 13 judges in New York agreed that the government did not violate the Fourth Amendment when it searched through non-responsive data that was collected as […] read more
Many will read the title above and think this has a bearing on RIPA, the Regulation of Investigatory Powers Act of 2000. It does, but only barely. I’ve got to admit it is a bit misleading. It’s also 100% true… but only because of the degree of farce involved in this matter. According to the […] read more
Last week, a Indiana medical firm saw a massive medical data breach that extended throughout the entire U.S. Per online reports, possibly 4 million people in more than 230 hospitals and other healthcare organizations were affected by the breach, which occurred in May of this year. Hackers stole protected health information that included: “patients’ names, […] read more
Last week, FBI Director James Comey told senators that encryption was making it harder for the FBI to do its job. To back his words, he brought up examples of instances where the agency couldn’t access electronic information despite having the legal right to do so. And while you won’t find many denying that this […] read more
Apparently, 2015 is the year when everything old is new again: the encryption wars are back and gaining acceleration; TV shows and movies that were laid to rest are rising from their graves; and classic data breaches are raring their heads as well. For example, the site databreaches.net notes that Human Resource Advantage sent an […] read more
It looks like Connecticut could be following in the footsteps of New Jersey: according to stamford.dailyvoice.com, state senators are considering proposing legislation that would require Insurance companies to encrypt any sensitive personal data. If said proposal passes, it would become the second state I know of that makes it mandatory for insurance companies to use […] read more
HIPAA Disk Encryption: Why Would You Authorize Employees To Work From Home Without Encrypting Patient Data?.
According to wreg.com, patients at the Boston Baskin Cancer Foundation recently learned they were potential victims of a data breach. This is one of those cases where one is left wondering if administrators thought things through: HIPAA encryption software was not used on a data storage device that comprised six years worth of patient data; […] read more
Lawyer Laptop Encryption: San Francisco Attorney Notifies Clients of Laptop Theft, Potential Data Breach.
A data breach can be a devastating experience. Even more so if the breach involves a particular profession where privacy, anonymity, and secrecy happen to be paramount. That’s why a medical data breach hits people more closely than a retailer’s data breach. And why a data breach involving the legal profession seems even more alarming. […] read more