Data Breaches And Notifications: A Contrarian View? Or More Of The Same?.

The Wall Street Journal has an article on how certain executives are questioning the value of notifying the general public on company data breaches.  The pay-walled article notes that there are valid reasons against more transparency. The thing is, most of these so-called reasons are self-serving – which is why 47 states have laws requiring […] read more

Data Encryption: Delaware Passes Law That Requires Destruction Of PII.

Delaware has passed a law (which becomes effective on January 1, 2015) declaring that “commercial entities” must destroy any personally identifiable information (PII) belonging to consumers that is “no longer to be retained by the commercial entity.”  In other words, when disposing of PII, commercial entities must destroy customers’ information.  Of course, like most legislation, […] read more

HIPAA Encryption: RI Hospital Settles With MA Attorney General For $150K.

Women & Infants Hospital of Rhode Island has settled with the Massachusetts Attorney General’s office over a 2012 data breach that ended up affecting more than 12,000 people in Massachusetts.  The hospital has agreed to pay $150,000 – $110,000 in civil penalties, $25,000 for attorney’s fees, and $15,000 to a fund – and agreed to […] read more