Full Disk Encryption: AZ Attorney General Also Investigating Health Net.

Health Net’s loss of a hard drive that was not protected with drive encryption is really beginning to pay dividends.  The wrong kind of dividends.  Arizona’s Attorney General has now announced that he will investigate whether Health Net has broken any state laws due to the breach. Second Attorney General Investigating Company Attorney General Goddard […] read more

Data Security: T-Mobile Experiences A Data Breach…But Not Really.

There are many aspects to data security, like the use of drive encryption software, antivirus software, firewalls, etc.  However, the biggest and central one is monitoring.  Basically, making sure that things are going as planned, and looking to see if anything has gone awry.  Otherwise, one may end up finding–quite belatedly–that they’ve suffered a breach. […] read more

Drive Encryption Software: Great Yarmouth and Waveney Primary Care Trust Desktop Computers Stolen.

The Information Commissioner’s Office (ICO) has found Great Yarmouth and Waveney Primary Care Trust in breach of the Data Protection Act.  The case just goes to show that it’s not only laptop computers that require hard disk encryption, but desktops as well. According to the Undertaking signed by the Great Yarmouth and Waveney, two desktop […] read more

North Carolina Data Privacy, Data Breach, And Encryption Law.

North Carolina does not have a data encryption law per se; instead, it has a personal data breach notification law that gives safe harbor to people who use encryption to protect personal data. Warning: I’m not a lawyer–the following is strictly what I’ve taken from the various state laws found on-line. North Carolina Senate Bill […] read more

Drive Encryption Software: UK Companies Report 356 Data Breaches In Less Than One Year.

A Freedom of Information request has revealed that UK CIOs have reported 356 instances of data breaches since November 2008.  Of these, 222 instances (60%) would have been fully preventable via the use of drive encryption like AlertBoot. The 222 instances I mentioned include the loss or theft of hardware (memory sticks, laptops, etc.) and […] read more

Drive Encryption Software Keeps Aussie Peeper Out Of Slammer.

I do not advocate the use of disk encryption software for illegal ventures.  However, it cannot be denied that it’s one way of keeping your activities secret.  Like in the case of the Australian man who constructed an elaborate set of peepholes to spy on his roommates but couldn’t get convicted for the lack of […] read more

Data Encryption Software: London Clinic Patient Information For Sale.

While data encryption software is often recommended to enhance the security of sensitive data, there are those instances when it cannot fulfill its potential.  Therefore, policies are often created prohibiting its dissemination–and when such policies go national, they’re called laws.  Often times, those are ignored as well.  Or, there may be a loophole. London Clinic […] read more

Louisiana Personal Information Data Privacy Notification And Encryption Laws: SB 205 Act 499.

Louisiana passed a data breach notification law which went into effect on January 1, 2006.  The law is called the “Database Security Breach Notification Law” (Senate Bill 205 Act 499), and requires any people or companies that lose sensitive, personal data to notify those that are affected.  If the information was protected using encryption software, […] read more

Disk Encryption Software: 70 Million Vets’ Data On NARA Hard Drive Breach.

The NARA, National Archives and Records Administration, may have had a data breach, depending on how one defines certain words.  What’s not in contention is the fact that a hard drive with the information of 70 million US veterans is involved.  Or that data encryption software was not used to protect this data. What Happened […] read more

Drive Encryption Software: HHS Standard Urged To Be Lowered.

I noted two weeks ago how new HIPAA regulations provided safe harbor to health care providers if patient data is protected, such as via the use of data encryption software, during a data breach.  I also noted how there were criticisms to it: the entities that experienced the breach were also in charge of determining […] read more