Healthcare Provider Loses Mobile Data Device, Issues Letter and Credit Monitoring. I Presume The Device Was Not Encrypted (Not that I Blame Them In This Case).

Clarian Health has notified over 1200 patients that their information might have been compromised.  These patients were in the Clarian transplant program, and one of the transplant coordinators misplaced “a device similar to a Palm Pilot.”  Before anyone goes around saying that such information should not be on such a small device to begin with, […] read more

Continuing TJX Legal Saga Further Highlights Need For Data Protection And Encryption.

TJX is back in the news, and in a big way.  The reason for the brouhaha is the new estimated number of credit card accounts compromised when TJX security was breached last year.  The new number is 94 million, double the original TJX estimates of 46 million, as reported in a court filing.  The new […] read more

Laptop Security As Part of Freshman Orientation?.

A new school year has started in the United States, and already there seems to be a deluge of laptop theft stories in the media.  A small number of them are covered in the national media, such as the laptop theft in Arizona that affected students in Iowa:  a former teaching assistant in Iowa had […] read more

Full Disk Encryption By Itself Is Partial Protection, but AlertBoot Provides COMPLETE PROTECTION.

Almost on a daily basis we hear about large organizations losing laptops or computer media with confidential customer or employee data.  The companies are then forced to determine their risk and liability by confirming whether or not the data was encrypted. The legal position is that encrypted data translates to no data loss¸ and the […] read more

Connecticut State Employee Who Lost Laptop Is (Possibly) Identified: Mobile Data Security Revisited.

The Connecticut state employee who lost a laptop on the trip to Long Island, New York has been identified indirectly via police records.  The employee (I will not be in naming him here since the state will not confirm the identity; if you’re really desperate to have a name, Google it.), was a veteran worker […] read more

Data Breach Insurance Might Dampen The Need For Data Security? I Say Otherwise.

I’ve recently been reading up on some opinion pieces regarding insurance for security data breaches.  There seems to be some controversy regarding such insurance.  A subsidiary of AIG insurance, for example, has been offering a policy called netAdvantage for some time now.   Apparently, people have been signing up left and right in light of the […] read more

Device Encryption Is Optional Under HIPAA – Until Something Gets Stolen.

It is a glorious evening in Boston, and I see here in the news that McKesson, a pharmaceuticals distributor in the United States, had two computers stolen on July 18.  The computers had confidential patient data in them.  While this was reported earlier this morning on Fox news, it looks like it is hitting the […] read more

Government Agency Uses More Laptops, Requires Mobile Data Protection.

A Department of Revenue Services (DRS) laptop computer containing the information of 106,000 Connecticut taxpayers was stolen.  One might wonder, why was taxpayer information stored on a portable computer?  My assumption is that most taxpayers would want sensitive information to be sequestered in a building, behind guards, the computer bolted onto the desk itself.  Well, […] read more