Now Available:

line

Featured Resources:

line

Newsletter

Email Address:


line

Ask the Expert

Have a question for our resident expert? Email your questions to Rebecca.

July 1, 2009

Stolen Print Documents With PII Found On Crook; Otherwise UCM Would Not Have Known The Reports Were Stolen

Late last week one of my alma maters, the University of Central Missouri, reported that two printed computer reports containing 7000 students' names, social security numbers, phone numbers, addresses, and birthdates were stolen from somewhere on the campus.

 
Continue reading Stolen Print Documents With PII Found On Crook; Otherwise UCM Would Not Have Known The Reports Were Stolen...

June 10, 2009

Healthcare Worker Gets 1 Year In Prison For Posting HIV Victim's Medical Records On Internet

Today a report discussed how a healthcare worker obtained medical information about a patient with HIV that was then posted on the Internet...

 
Continue reading Healthcare Worker Gets 1 Year In Prison For Posting HIV Victim's Medical Records On Internet...

June 3, 2009

Rights for Privacy Breach Victims

I received a provacative question on Twitter last week from idExperts, "If you had a wish list of rights for identity theft victims, what would that be?"

Sounds like a great blog topic! :) Here are my thoughts...

 
Continue reading Rights for Privacy Breach Victims...

May 27, 2009

Insider Threat: Horrible Tragedy Highlights Need For Policies & Training

I got the June 1 issue of Newsweek today, and something that's bothered me ever since I first heard about it was on page 4...

 
Continue reading Insider Threat: Horrible Tragedy Highlights Need For Policies & Training...

April 6, 2009

Privacy Breach Lesson: Encrypt Mobile Digital PII!

Once more, here is an example of how carelessness and/or a mistake leads to a privacy breach...

 
Continue reading Privacy Breach Lesson: Encrypt Mobile Digital PII!...

March 17, 2009

Computer Fraud Criminal Sentenced To 4 1/2 Yrs Jailtime + US$1.6 Million

Would you notice a $20 - $30 fraudulent charge mixed in with a lot of other charges...most people have more than 10 according to a financial fraud expert friend...on your credit card statement?

It looks like in Bulgaria they really lower the sanctions boom on those committing computer fraud..

 
Continue reading Computer Fraud Criminal Sentenced To 4 1/2 Yrs Jailtime + US$1.6 Million...

March 5, 2009

UK Company Caught Selling Their Employees' & Job Applicants' PII

Here's an interesting shocking story about some bad...make that VERY BAD...business decisions in the UK to make money by selling employees', and job applicants', personally identifiable information (PII) as a revenue stream...

 
Continue reading UK Company Caught Selling Their Employees' & Job Applicants' PII...

March 3, 2009

31 Info Sec & Privacy Tweets From Past 4 Days

I've been running across many interesting and useful news reports and pieces of information over the past few days, and putting them out on my Twitter peeps/tweeps/tweets/etc. For posterity and my own future reference, here's a listing of the ones from the past few days I want to be able to look back upon without paging through multiple posts on my PrivacyProf account...

 
Continue reading 31 Info Sec & Privacy Tweets From Past 4 Days...

February 26, 2009

HIPAA Violations: Nurses Allegedly Post X-Ray Photos To Facebook

Okay, here's a perfect real incident to use for a case study to argue discuss whether or not this is a HIPAA violation!

 
Continue reading HIPAA Violations: Nurses Allegedly Post X-Ray Photos To Facebook...

February 24, 2009

Employee Suing Starbucks For Poor Security & Laptop Theft

Here's an interesting progression in how to address the growing data breaches that occur largely from ignored, overlooked, and/or inadequate security practices...

 
Continue reading Employee Suing Starbucks For Poor Security & Laptop Theft...

line

Rebecca Herold's Bio:

Rebecca Herold, CISSP, CIPP, CISM, CISA, FLMI, has been providing information security, privacy and regulatory assistance and services to organizations from a wide range of industries for the past two decades. Rebecca was instrumental in building the information security and privacy program while at Principal Financial Group, which was awarded the CSI Information Security Program of the Year Award in 1998. IT Security ranked Rebecca as one of the top 59 IT security influencers, and Computerworld put Rebecca their list of the world's best privacy experts and on their list of the best privacy consulting firms in both 2007 and 2008. Rebecca has been CPO for two consulting organizations, and has had her own information privacy, security and compliance business since 2004. Rebecca has written chapters for several books, dozens of articles, and has been writing a monthly privacy column for the CSI Alert newsletter since the beginning of 2001, and is working on her 13th book. Some of her other books include The Privacy Papers, Managing an Information Security and Privacy Awareness and Training Program, The Definitive Guide to Security Inside the Perimeter (Realtime Publishers), The Shortcut Guide to Improving IT Service Support through ITIL (Realtime Publishers), and The Practical Guide to HIPAA Privacy and Security Compliance. In addition, Rebecca is the leader of The Realtime IT Compliance Community where she posts to her IT Compliance weblog. You can contact Rebecca at: rebecca_herold@realtimepublishers.net.