
March 25, 2008

Yet Another Stolen Laptop With Clear Text Patient PII

Yet another in a long procession of laptop thefts: "Stolen laptop contains personal info of 2,500 patients".

Here are the first few paragraphs...

 
Continue reading Yet Another Stolen Laptop With Clear Text Patient PII...

March 6, 2007

How Good are the Security Practices for "America's Most Admired Companies 2007"?

Yesterday CNN reported the results of the FORTUNE 2007 survey, which asked business people which companies, in any industry, they admired most.

The rankings were based upon 8 key score areas:

 
Continue reading How Good are the Security Practices for "America's Most Admired Companies 2007"?...

February 18, 2007

VA Suspends Medical Research Following Most Recent Breach Until Security Certification Is Obtained

Saturday, 2/17/07, it was widely reported that the U.S. Veterans Affairs (VA) was suspending "activities at seven specialized research centers across the country after an unprotected computer hard drive disappeared from one of the facilities in Alabama last month."

 
Continue reading VA Suspends Medical Research Following Most Recent Breach Until Security Certification Is Obtained...

February 12, 2007

Privacy Breach: FBI Loses Laptops Each Month Despite 2002 Audit Telling Them To Improve Practices

Today the U.S. Department of Justice (DOJ) released the report "The Federal Bureau of Investigation's Control Over Weapons and Laptop Computers Follow-Up Audit".

As you can tell by my post title, this should be a very embarrassing report for the FBI.

 
Continue reading Privacy Breach: FBI Loses Laptops Each Month Despite 2002 Audit Telling Them To Improve Practices...

January 26, 2007

Laptop Theft Incident: Laptop Security Leads To Catching Drug Dealers

Some interesting news from right here in my back yard this week...

The Des Moines Register reported that a laptop was stolen, along with other items, during a home burglary. The computer had a location-monitoring type of anti-theft package installed.

 
Continue reading Laptop Theft Incident: Laptop Security Leads To Catching Drug Dealers...

January 13, 2007

Laptop Incident: N.C. Dept of Revenue Laptop Theft Puts 30,000 Residents At Risk

Today the North Carolina Charlotte Observer reported a laptop was stolen from the car of an N.C. Department of Revenue employee in December.

They mailed letters to all 30,000 individuals this week. According to the report this is the first time notifications have been made within N.C. since they put their privacy breach notification law for government agencies into effect during the fall of 2006.

 
Continue reading Laptop Incident: N.C. Dept of Revenue Laptop Theft Puts 30,000 Residents At Risk...

December 17, 2006

Stolen Laptop: Laptop and Printouts with PII about 600 Students in Colorado

The Longmont, CO Daily Times reported December 14 that a nurse's laptop was stolen from her car while she was parked at a restaurant, along with paper records containing personally identifiable information (PII): "students’ names and dates of birth; the names of their schools and what grade they are in; the students’ Medicaid numbers; and their parents’ names."

 
Continue reading Stolen Laptop: Laptop and Printouts with PII about 600 Students in Colorado...

Stolen Laptop: 3rd Theft from Boeing Since November 2005; Clear Text PII of 382,000 On the Latest

It was reported December 15 that Boeing had a 3rd laptop stolen in just a little over a year.

The laptop was stolen from an employee's car. PII included "names, home addresses, phone numbers, Social Security numbers and dates of birth for current and former Boeing employees."

 
Continue reading Stolen Laptop: 3rd Theft from Boeing Since November 2005; Clear Text PII of 382,000 On the Latest...

December 14, 2006

Penalty Applied for Laptop Theft: More Significant Penalties Are Needed to Motivate Better Safeguards

The Boston Globe reported Tuesday that "Ameriprise Financial Services Inc. will pay $25,000 to settle a probe of how one of its laptop computers went missing with the personal data of thousands of Massachusetts residents."

An Ameriprise Financial Services laptop was stolen in 2005 that contained clear text personally identifiable information (PII) about over 200,000 individuals.

 
Continue reading Penalty Applied for Laptop Theft: More Significant Penalties Are Needed to Motivate Better Safeguards...

December 6, 2006

Laptop Theft: PII About 1,000 W.Va. Air National Guard Members

A report in the Air Force Times indicates a laptop containing personally identifiable information (PII) about 1,000 West Virginia Air National Guard members was stolen during a training trip in November. The spokesperson for the Air National Guard indicated:

"The Air Force uses some of most sophisticated encryption processes to safeguard information on government computers"

...implying the data on the laptop was encrypted, but not coming right out and saying it was.

 
Continue reading Laptop Theft: PII About 1,000 W.Va. Air National Guard Members...


Rebecca Herold's Bio:

Rebecca Herold, CISSP, CIPP, CISM, CISA, FLMI, has been providing information security, privacy and regulatory assistance and services to organizations from a wide range of industries for over 18 years. Rebecca was instrumental in building the information security and privacy program while at Principal Financial Group, which was awarded the CSI Information Security Program of the Year Award in 1998. IT Security ranked Rebecca as one of the top 59 IT security influencers, and Computerworld put Rebecca on their list of the 25 top privacy experts and on their list of the 9 best privacy consulting firms. Rebecca has been CPO for two consulting organizations, and has had her own information privacy, security and compliance business since 2004. Rebecca has written chapters for several books and dozens of articles, has been writing a monthly privacy column for the CSI Alert newsletter since the beginning of 2001, and is working on her 11th book. Some of her other books include The Privacy Papers, Managing an Information Security and Privacy Awareness and Training Program, The Definitive Guide to Security Inside the Perimeter (Realtime Publishers), The Shortcut Guide to Improving IT Service Support through ITIL (Realtime Publishers), and The Practical Guide to HIPAA Privacy and Security Compliance. In addition, Rebecca is the leader of The Realtime IT Compliance Community, where she posts to her IT Compliance weblog. You can contact Rebecca at: rebecca_herold@realtimepublishers.net.