Our web-based software tools are designed specifically to assist our clients in managing data breach risks. Learn More »
RADAR helps you in risk assessment, documentation and reporting for HITECH data breach incidents.
Learn More »
Organizations across industries are facing increased public attention and regulatory scrutiny in light of high profile data breach incidents. While the Target’s of the world get more publicity than they’d ever hoped for, what lies beneath all of this is that for every one very public Target security incident, there are hundreds, if not thousands, of security incidents involving regulated data (specifically personal information) that are “near misses”. The one’s that happened, but due to good fortune or effective efforts did not result in an incident that is categorized as a “data breach”, which then requires a public disclosure for all to see.Read More »
There must be something in the water this year. There has been an epidemic of tax fraud that has affected employees of several healthcare organizations. And it now seems like cyber security experts are getting to the root cause of how this was done.Read More »
The folks at Experian have been receiving a great deal of well-deserved attention recently. Just this week, the states of North Carolina and Iowa joined Connecticut and Illinois Attorneys General in investigating Experian for the alleged access to a database of records on approximately 200 million Americans with information including social security numbers, dates of birth, and email addresses, among other sensitive personal data, by an identity theft service masquerading as a private investigator. That Experian is able to sell the personal data of American’s without explicit consent seems counterintuitive, given that as a credit bureau they are in a “unique position” relative to the (regulated) manner as to how they collect such information. The fact that Experian is also frequently trusted by organizations that themselves have had data breach to care for the affected consumers is downright perplexing.Read More »
Julie Brill, Commissioner of the FTC, answered questions at the IAPP Global Conference this month regarding the FTC’s interest in consumer privacy issues associated with “big data” and the Internet of things (“IoT”). The information security and privacy aspects of these major computing trends have obviously garnered the attention of the FTC.Read More »
Mobile devices allow you to do amazing things: play Candy Crush Saga in a boring meeting, download your alma mater’s fight song, get the calorie count of the Costco-sized pizza you bought. They also have the potential to do amazing damage to sensitive patient information—especially if you don’t take care to secure your phone or tablet.Read More »
This article from Mr. Krebs brings up a number of interesting questions in addition to the one that the title poses (are credit monitoring services worth it?). One that I think most salient, right on the back of the huge Target breach, is whether the current approach taken by companies in responding to a data breach effective for the affected individuals?Read More »
Thirteen, the traditional unlucky number, is a pot of gold compared to 100. That’s because criminal attacks on healthcare organizations have increased 100 percent since 2010, according to the Fourth Annual Benchmark Study on Patient Privacy and Data Security by Ponemon Institute.Read More »
Friday at the IAPP Global Privacy Summit, Edith Ramirez, chairwoman of the FTC, took questions related to privacy and data security with an initial focus on the challenges posed by so-called "big data". In the session, she noted that the FTC looks at the issues with big data quite broadly.Read More »
With the Target breach in the news what seems like daily since December, the concept of data breach, and it's implications, has now burned itself into the psyche of the American public. 2014 marks the beginning of a new era in how organizations "manage" incidents and disclosures of personal, regulated data. See the innovative ID Experts RADAR software platform at the IAPP Global Summit and make sure your organization has begun to operationalize the assessment and management of data security incidents.Read More »
The healthcare information management and data breach community was put on notice last year from regulators that they would be expecting much great focus on and performance in securing patient health information (HIPAA protected health information, or PHI) and managing the privacy of patient data from healthcare organizations (HIPAA covered entities) and their business and technology partners (HIPAA business associates) going forward. I thought I’d take a look in this post of what 2013 brought us, and what to expect as we plunge forward into 2014.Read More »
© Copyright 2014 ID Experts
A message from our lawyers. ID Experts, the ID Experts logo, and Breach HealthCheck are registered trademarks of ID Experts. RADAR, FraudStop, YourResponse, Breach Prevent, and Breach Respond are trademarks of ID Experts. All other trademarks used within the ID Experts website are the property of their respective owners.