A spreadsheet containing New York Yankees season ticket holders’ information was emailed to nearly 2,000 people. The spreadsheet contained information on 21,446 ticket holders. When dealing with emails that hold quite a bit of data, it’s always advisable that one look into data encryption like AlertBoot. VIPs Not Affected The NYY revealed in a public […] read more
Data Encryption: Email Addresses Are PII, Personally Identifiable Information, According To Decade-Old Cases.
Conflicting emotions run though me whenever I read about data breaches that only involve names and e-mail addresses. On the one hand, it doesn’t seem like a particularly egregious breach: the information doesn’t appear to be any more personal than your phone number in the local telephone directory. On the other, it can be used […] read more
In a paper titled “How Strong are Passwords Used to Protect Personal Health Information in Clinical Trials?” El Emam et al. note that most researchers involved in clinical trials are not properly using data security tools like encryption. This is not necessarily because the researchers are not trying but because they’re not aware that there […] read more
Javelin Strategy & Research has released their “2011 Identity Fraud Survey” (which actually covers ID theft in 2010). Their survey has found that there was a “notable decline in identity fraud” last year. There were 3 million fewer victims over 2009 (when 8.1 million people were affected) and fraud totals fell to $37 billion from […] read more
CityCycle — Australia, Brisbane’s shared bicycle program — was involved in a slight data breach. I’m not sure I would recommend data encryption in this particular case, although it certainly would have prevented the breach from happening. CC v. BCC Due to human error, all subscribers to CityCycle were able to see each other’s e-mail […] read more
I would imagine that the last people to debate the merits of cloud-computing would be screenwriters and others employed in Hollywood (with the exception of those whose work is technically-oriented, such as people working on CGI), but an article I ran across Variety suggests otherwise. The controversy lies around whether cloud storage is secure enough […] read more
Even if you use full disk encryption like AlertBoot security software on your computers, there are ways for information to leak out. One common way is via e-mails, as Geisinger Health System found out. Update (30 DEC 2010): According to this link the doctor who caused the breach at Geisinger no longer works for the […] read more
Data Encryption Software Technologies Used By 85% Of Medical Organizations. Devil In The Details, Though.
According to a new survey by the Healthcare Information and Management Systems Society (the 3rd Annual HIMSS Security Survey), 85% of their respondents stated that they use data encryption software to safeguard patients’ protected heath information (PHI). The bad news is that it appears to be implemented in a ragtag approach to patient information security. […] read more
The Treasury Solicitor’s Department (TSol) has issued guidance for selecting data encryption software and data deletion products. This is meant to aid Bar Council members, who now must use disk data encryption to “removable devices or removable storage media and laptop computers.” In fact, the guidance states that “level of encryption must [my emphasis] meet […] read more
One of the most used data loss protection (DLP) tools is the automatic encryption of any e-mails being sent out. These work on the same principles surrounding laptop encryption software, but can be configured to scan the contents and apply encryption as necessary, depending on the product. Others never quite deliver the e-mail, instead sending […] read more