Cloud Services: Will It Be There When You Need It?.

How much should you (or can you) trust the cloud to be there when you need it? Last week, the top US internet sites went dark, on and off, for a couple of hours or so due to a historically unprecedented denial of service attack (DDoS). Over the past week, we’ve learnt that the assault […] read more

Those NSA Tools Being Auctioned? One Should Blame USB Disks, Apparently.

We don’t hear anymore from the “old school” types of data breaches: lost or stolen laptops, computers that were stolen during a break-in, USB flashdrives that disappeared, etc. The last memorable case – now two years ago – involved a doctor who was tied to a tree by a couple of thugs and ordered to […] read more

HIPAA Data Breach: Medical Office Alerts Patients That Nothing Happened.

I’ve just run across a data breach notification that is a first of its kind: a data breach where the affected organization tells its clients (technically, patients) that nothing happened.  It’s like the Seinfeld show of data breaches.  The breach notification letter is about nothing.  Absolutely nothing.  Yet, there is something there. All kidding aside, […] read more

Data Breach Law: Wyoming Updates Laws On Data Privacy.

Wyoming has approved two Senate bills that update the state’s data privacy laws.  Senate Files 35 and 36 expand on the definition of what constitutes a breach of personal information, and what steps organizations must take when a data breach takes place.  Missing from the update: a safe harbor clause that would protect organizations if […] read more

Smartphone Security: Phone Theft Drops In Cities As Kill Switches Take Hold.

Reuters is reporting the unsurprising news that London, New York City, and San Francisco are seeing dramatic drops in smartphone thefts after the implementation of kill switches on devices became mandatory.  The ability to encrypt the contents of these devices has existed for years (via smartphone encryption that came either turned on by default or […] read more

HIPAA Encryption: Anthem Didn’t Encrypt Data Stolen In Massive Hack.

The wsj.com points out in an article that Anthem Inc, the health insurer that recently announced a massive data breach potentially affecting 80 million people, did not use health data encryption to secure the data that was stolen.  It also points out that applying encryption can be a “balancing act between protecting the information and […] read more

HIPAA Encryption: Laptop from Northwestern Memorial Healthcare Stolen, 2800 Affected.

Northwestern Memorial HealthCare (NHMC) – which counts as affiliates Northwestern Lake Forest Hospital, Northwestern Memorial Hospital, and Northwestern Medical Group – notified approximately 2,800 people of a data breach.  A laptop computer that was not protected with HIPAA-strength encryption was stolen from an employee’s vehicle.  According to chicagotribune.com, the hospital group took more than 2 […] read more