I read an interesting article on a CNET blog today about new legislation regarding data breach notifications up for consideration by the Indiana State Senate. The proposed bill requires that all data breach notifications involving Indiana residents need to go through the attorney general’s office. That’s fairly standard practice, but that isn’t what makes this […] read more
Hard Drive Encryption Is Needed for All PC’s: There Is Worldwide Demand for Tougher Data Breach Legislation.
Lost laptops and missing disks could mean legal trouble, as the media spotlight on data breaches gives weight to calls for tougher legislation – but is encouraging best practice a wiser move? Another day, another miserable data fiasco – it seems there’s no end in sight for missing laptops and lost disks. It’s one thing […] read more
Numerous students, alumni, staff, and faculty may be affected by the theft of a hard drive. The external storage device contained the Social Security numbers of nearly 40,000 people, and was reported stolen earlier this month. The device was unencrypted. The external hard drive was used as a backup to a computer that contained […] read more
Marks & Spencer was ordered by the Information Commissioner’s Office to encrypt all of their laptops. This is the conclusion to the theft that occurred last May of a laptop that contained the personal information on 26,000 Marks & Spencer employees. The laptop was stolen from a printing firm working for M&S. It contained details […] read more
A barrister (that’s a lawyer for Americans) in London came to his office to find a laptop computer stolen. The computer contained the details of an inquiry into the murder of Billy Wright. For those who are not aware, Billy Wright is the founder of the Loyalist Volunteer Force, a paramilitary group he started after her […] read more
The Centers for Medicare and Medicaid Services (CMS) will soon begin on?site reviews to see whether hospitals are in compliance with HIPAA, the Health Insurance Portability and Accountability Act. Approximately 10 to 20 hospitals will be visited, and the results published. The names of the hospitals visited will not be revealed, however, regardless of the […] read more
The associated Oregon senate bill, The Oregon Identity Theft Protection Act (SB 583), is surprisingly short but to the point—and extremely readable. It feels like someone other than lawyers wrote it up. It also seems to build on past legislation already in place for personal data protection. For example, those who are already in compliance […] read more
Or rather, from the TSA, the Transportation Security Administration—you know, the guys at the airport everyone loves to hate? Don’t worry; nothing nefarious going on. You can chalk this up to random thefts, as opposed to the need to uphold the words of the Fourth Amendment. It’s been reported that some TSA officers who worked […] read more
In The Digital Age, The Sun Never Sets On The (Former) British Empire: Canada Has Laptop Security Woes, Following UK And India.
Or at least, it certainly feels like it. In addition to last week’s UK government public relations fiasco with the two lost CDs—and the other post I had regarding a break-in into an Indian government military research lab, where three computers got stolen—there are reports from Canada that a consultant for the Provincial Public Health […] read more
HM Revenue & Customs (HMRC) has lost two CDs containing the details of 25 million people in the United Kingdom. With the official population of the UK at 60.5 million, this represents slightly less than half of all the people in that country. The matter was grave enough, combined with other data breaches at the […] read more