In Experian We Trust?

by Doug Pollack

The folks at Experian have been receiving a great deal of well-deserved attention recently. Just this week, the states of North Carolina and Iowa joined Connecticut and Illinois Attorneys General in investigating Experian for the alleged access to a database of records on approximately 200 million Americans with information including social security numbers, dates of birth, and email addresses, among other sensitive personal data, by an identity theft service masquerading as a private investigator.  That Experian is able to sell the personal data of American’s without explicit consent seems counterintuitive, given that as a credit bureau they are in a “unique position” relative to the (regulated) manner as to how they collect such information. The fact that Experian is also frequently trusted by organizations that themselves have had data breach to care for the affected consumers is downright perplexing.

Read More »

FTC Explores Privacy Issues of Big Data at IAPP

by Doug Pollack

Julie Brill, Commissioner of the FTC, answered questions at the IAPP Global Conference this month regarding the FTC’s interest in consumer privacy issues associated with “big data” and the Internet of things (“IoT”). The information security and privacy aspects of these major computing trends have obviously garnered the attention of the FTC.

Read More »

BYOD: Beware of Your Own Device—and the People Who Carry Them

by Doug Pollack

Mobile devices allow you to do amazing things: play Candy Crush Saga in a boring meeting, download your alma mater’s fight song, get the calorie count of the Costco-sized pizza you bought. They also have the potential to do amazing damage to sensitive patient information—especially if you don’t take care to secure your phone or tablet.

Read More »

Should Insurance Carriers offer a Virtual Privacy Expert?

by Jeremy Henley

I recently wrote about the Advisen conference I attended in San Francisco and some of the presentations that I found very interesting - see my previous blog on Advisen West Coast Style.  During the conference several of the panelists discussed the need for pre-breach services and what services would be useful prior to a breach.  Susan Young a Vice President with Marsh Risk & Insurance services talked about how valuable loss prevention tools would be, such as risk assessments, training or education, as well as incident response planning.

Read More »

Allies Await – Join me in Anaheim April 10

by Rick Kam

The recent story on the healthcare breach tally reaching 30 million victims caused pause for many of us. That coupled with the recent Ponemon Report that revealed data breaches in healthcare have increased 100% since 2010 should send shock waves across the community of those who are responsible for protecting PHI.

Read More »

Privacy Warriors Must Operationalize to Keep Compliance Up, Data Breaches Down

by Mahmood Sher-jan

Privacy warriors constantly battle to keep pace and comply with complex and ever changing regulations designed to address rapidly evolving business practices, technologies, and privacy threats.  In 2014 alone, at least 19 states have introduced bills that could amend or impact breach laws.  Unfortunately, these warriors are learning that the gap between what they must do, and what they are doing is growing unless their organizations implement the required processes and tools designed to simplify the monitoring and management of these complex breach laws.

Read More »

Are Credit Monitoring Services Worth It?

by Doug Pollack

This article from Mr. Krebs brings up a number of interesting questions in addition to the one that the title poses (are credit monitoring services worth it?). One that I think most salient, right on the back of the huge Target breach, is whether the current approach taken by companies in responding to a data breach effective for the affected individuals?

Read More »

Advisen West Coast Style

by Jeremy Henley

The folks at Advisen finally got the word that the West Coast is the best coast when it comes to Cyber Liability, or at least that we do matter our here and had their first Cyber Insights conference in San Francisco this March.  I don’t know the final numbers but there seemed to be north of 100 in attendance for the inaugural event.  All kidding aside, many of the speakers were the usual suspects that often appear at conferences and rightly full so since most of them really do know there specialties well.  What was great is that having the event in on the West Coast brought out new faces in the cyber world and I made some great new connections.   

Read More »

100: The New Bad-Luck Number

by Doug Pollack

Thirteen, the traditional unlucky number, is a pot of gold compared to 100. That’s because criminal attacks on healthcare organizations have increased 100 percent since 2010, according to the Fourth Annual Benchmark Study on Patient Privacy and Data Security by Ponemon Institute.

Read More »

‘Side Effects’ of Affordable Care Act

by Bob Gregg

The list of side effects for many medications is long and somewhat frightening—anything from dizziness to fever to death. Side effects of the Affordable Care Act are equally troubling—including increased risk to data security and patient privacy—according to findings from the Fourth Annual Benchmark Study on Patient Privacy and Data Security by Ponemon Institute.

Read More »
Page 1 of 33 pages   1 2 3 >  Last »