Disk Encryption Software: 70 Million Vets’ Data On NARA Hard Drive Breach.

The NARA, National Archives and Records Administration, may have had a data breach, depending on how one defines certain words.  What’s not in contention is the fact that a hard drive with the information of 70 million US veterans is involved.  Or that data encryption software was not used to protect this data. What Happened […] read more

Data Encryption: BlueCross BlueShield Breach Prompts Affiliates’ Notifications.

Highmark Inc. Also Announces Breach To Physicians It’s finally started.  The big news this week was the theft of a laptop computer with personal details for all doctors in the BlueCross BlueShield network.  Drive encryption software was not used on the laptop, automatically turning the computer theft to a data breach (a massive one.  Over […] read more

Missing Blue Cross Blue Shield Computer Update.

BlueCross BlueShield has provided further information regarding the theft of a laptop.  The computer contained a file with the personal information of all physicians in the BCBS network.  You’ll recall from yesterday’s blog post that a BCBS employee had downloaded the file to a personal laptop computer without disk encryption software which subsequently got stolen. […] read more

Data Protection Software: Express Scripts Back In The News (Again).

Several sources are reporting that Express Scripts, the pharmacy benefit managing (PMB) company, has been informed by the FBI that last year’s extortionist has struck again. If you’ll recall, Express Scripts received the personal information of 75 people, all of them in the company’s database, via regular mail.  The sender had threatened to release millions […] read more

Disk Encryption Software: Canada 2009 Hi-Tech Breach Costs Double From Last Year.

According to the ottawabusinessjournal.com, a new study from TELUS and the University of Toronto’s Rotman School of Management has found that the average cost of a data breach in Canada has doubled from 2008’s figures, to $834,000 (Canadian dollars, I assume).  While it can’t prevent all breaches, the use of drive encryption software like AlertBoot […] read more

Data Encryption Software: Ohio Policyholder Information Data Breach Notification Rules – Ohio Department of Insurance.

Update (28 SEPT 2009): A copy of Bulletin 2009-12 can be found at http://www.insurance.ohio.gov/Legal/Bulletins/Documents/2009-12.pdf) According to a newly released press release by the Ohio Department of Insurance, insurance companies doing business in Ohio will have to contact the Department of Insurance if they discover a data breach.  This new requirement will go into effect on November […] read more

Cost Of Data Security Breaches: It Takes Longer Than Expected To Notify The Affected.

Okay, so you’ve had a data breach because a) an employee somehow lost a computer and b) you didn’t use laptop encryption software to secure that computer’s data.  It’s time to announce a data breach and contact your affected clients. But wait!  It’s not as straightforward as you might believe.  I was reviewing some of […] read more

Application Control Software: A Reminder Of Its Importance, Curious George, And The Lovesick.

Lovesick malware-spreader hits hospital Curious George is a bad monkey.  He’s spreading malware Hard disk encryption  is one of the best methods for protecting your data.  However, it’s not the “be all, end all” of computer data security.  And here are a couple of notable cases that show you why. Ohio Hospital A Casualty A […] read more

Data Encryption: HIPAA Data Breach Notification In Effect SEPT 23, 2009.

The Health Insurance Portability and Accountability Act (HIPAA) has a new notification requirement that goes into effect next week, on September 23.  This requirement was part of the HITECH Act, which in turn was part of the American Recovery and Reinvestment Act of 2009.  Safe harbor is provided for healthcare providers and other covered entities […] read more