A case of “sextortion” – blackmailing someone over naked footage (digital footage, more specifically, to reflect the times we live in) – between Instagram celebs has again dredged up the decidedly non-superfluous legal quagmire that’s been repeatedly visited since at least 2009: Is forcing a defendant to spit out his or her password a violation […] read more
HIPAA Disk Encryption: Why Would You Authorize Employees To Work From Home Without Encrypting Patient Data?.
According to wreg.com, patients at the Boston Baskin Cancer Foundation recently learned they were potential victims of a data breach. This is one of those cases where one is left wondering if administrators thought things through: HIPAA encryption software was not used on a data storage device that comprised six years worth of patient data; […] read more
Details are beginning to emerge for the European Union’s data protection laws. Like many before it, the use of encryption software is being encouraged in order to safeguard the private information of people who fall under the EU’s jurisdiction. In addition, a number of other details are being considered as well, such as the use […] read more
When you consider the furor that has been raised over HIPAA data breaches for the past five years – and the fact that it has contributed heavily towards medical organizations investing in the use of medical file encryption software like AlertBoot – it boggles the mind that we can still come across such a story […] read more
The Wall Street Journal has an article on how certain executives are questioning the value of notifying the general public on company data breaches. The pay-walled article notes that there are valid reasons against more transparency. The thing is, most of these so-called reasons are self-serving – which is why 47 states have laws requiring […] read more
Desktop Encryption: LA County Encrypts All Workstations, Will Require The Same From Contracted Agencies.
It escaped my notice, so I’m opining on this three weeks late – to be honest, a quick search seems to indicate that almost no one covered this particular development – but Los Angeles County has moved to up their data security by pursuing workstation encryption, as seen in this motion. All I can say […] read more
Desktop computer encryption under HIPAA: is it really necessary? Most people have argued over the years that the answer is “no,” not only because the use of encryption software under HIPAA rules happen to be addressable (as opposed to required), but because nobody really expects that to happen. Reasons generally given as a clarification to […] read more
South Carolina is in the news again for a data breach that occurred in 2012. If you’ll recall, that was the year when SC admitted that its tax collection department had suffered a data breach, affecting 6.4 million people. Two years after, the effects of the data breach are still being felt. $20.7 Million Earmarked […] read more
According to the folks at phiprivacy.net, the recent addition of twenty-nine data breaches to the HHS “Wall of Shame” show that laptop and desktop computers still account for approximately half of all medical data breaches. This indicates two things: (1) Too many covered entities are not using HIPAA level encryption and (2) computers still account […] read more
In the world of finance, there’s what’s called “systematic risk” and “non-systematic risk” (or unsystematic risk). The latter is the type of risk that cannot go away, no matter how much you try. It kind of reminds me of what IT personnel are facing when they deploy data encryption software in the workplace. For example, […] read more