Search Realtime IT Compliance
Entries from Realtime Community | IT Compliance tagged with 'FACTA'
Court Decision on FACTA Credit Card Transaction Receipt Violations
I was doing a bit of research around the Fair and Accurate Credit Transactions Act (FACTA), and ran across an interesting recent court decision......
Tags:
awareness and training
credit card security
FACTA
information security
IT compliance
IT training
policies and procedures
privacy training
risk management
security training
Posted by Rebecca Herold on March 11, 2009 8:24 PM
Sloppy Disposal Aids Cybercriminals
For day 3 of Global Security Week I want to talk a little bit about the importance of securely disposing of your papers and storage media that contains personal information......
Tags:
awareness and training
cybercrime
data disposal
disposal rule
dumpster diving
FACTA
Global Security Week
information security
IT compliance
IT training
policies and procedures
privacy training
risk management
security training
Posted by Rebecca Herold on September 10, 2008 12:20 PM
Company Uses Negotiated Checks For Packing Material!
Not much surprises me any more with regard to some of the silly things that organizations do with printed PII that put the involved individuals at risk. However, I was surprised when I watched an ABC News report this morning......
Tags:
awareness and training
disposal
disposal rule
FACTA
information security
IT compliance
IT training
personally identifiable information
PII
policies and procedures
privacy training
risk management
security training
Posted by Rebecca Herold on August 21, 2008 8:49 AM
Laws & Regulations Require Security & Privacy Training & Awareness
I'm in the final weeks of creating some privacy breach training courses that will not only help personnel to prevent privacy breaches, but also help support compliance with the FACTA Red Flags rule, the at least 45 U.S. privacy breach...
Tags:
awareness and training
FACTA
information security
IT compliance
policies and procedures
privacy breach
privacy training
Red Flags rule
regulatory compliance
risk management
security training
Posted by Rebecca Herold on July 9, 2008 11:28 AM
Texas EZPawn Throws Away Its Security Promises and Customers' Privacy and Gets A Handed A Significant Penalty
Well, here is yet another company that had a nasty habit of just throwing papers containing their customers' personally identifiable information (PII) into publicly accessible trash cans. On June 24 a Texas judge handed down a civil penalty of $600,000...
Tags:
awareness and training
disposal
FACTA
information security
IT compliance
personal information privacy
policies and procedures
privacy breach
privacy training
risk management
security training
Texas Credit Services Organizations Act
Texas Deceptive Trade Practices Act
Texas EZPAwn
Texas Identity Theft Enforcement and Protection Act
Posted by Rebecca Herold on July 2, 2008 10:06 PM
Business Leader Primer for Effective Information Disposal
I've been talking a lot lately about the need for business leaders to more effectively address the secure disposal of information, particularly personally identifiable information (PII). Why? Because it seems like more and more attention is being given to security...
Tags:
awareness and training
BS 8470:2006
degauss
FACTA
HIPAA
information disposal
information security
IT compliance
National Identity Fraud Prevention Week
personally identifiable information
PII
policies and procedures
privacy
risk management
security awareness
security training
Posted by Rebecca Herold on May 28, 2008 9:18 AM
FTC Fines Mortgage Co. For Tossing PII Into Dumpster: FACTA/FCRA, GLBA, & FTC Act Violations
On December 17 the U.S. Federal Trade Commission (FTC) fined and penalized American United Mortgage Company for throwing the personally identifiable information (PII) and financial information of its customers and consumers into an open, publicly-accessible dumpster. Under the terms of...
Tags:
American United Mortgage Company
awareness and training
Disposal Rule
FACTA
FCRA
FTC
FTC Act
GLBA
information security
IT compliance
policies and procedures
privacy
privacy incident
privacy policy
Privacy Rule
risk management
security awareness
security training
Posted by Rebecca Herold on December 26, 2007 2:41 PM
Definitions For the Identity Theft Prevention Program Rule Under FACTA & Questions For Your Organization
In addition to some great followup questions I got from Andy in response to my blog posting yesterday, "FTC Now Requires Organizations to Have an Identity Theft Prevention Program" I have also received some interesting questions from others about the...
Tags:
awareness and training
FACTA
FCRA
Federal Reserve Act
FTC
Identity Theft Prevention Program
information security
IT compliance
policies and procedures
privacy
privacy training
risk management
security training
Posted by Rebecca Herold on November 2, 2007 6:19 PM
Information Security: Laws Require Secure Disposal of Information in All Forms; Using BS 8470:2006 for Compliance
Many information security incidents have occurred through non-technical means by simply and thoughtlessly throwing away printed documents into publicly-accessible trash bins, or even putting computers and sensitive documents out on the streets. I have blogged about this several times, such...
Tags:
awareness and training
BS 8470:2006
data disposal
Data Protection Act
disposal rule
FACTA
FCRA
FTC
information security
IT compliance
policies and procedures
privacy
risk management
Posted by Rebecca Herold on April 20, 2007 12:30 AM
Over 100 FACTA Lawsuits Filed in California Against Businesses Printing PII on Receipts; Are You In Compliance With All FACTA Requirements?
I read with interest an article in today's issue of the BNA Privacy and Security Law Report about over 100 lawsuits that have recently been filed within the California federal courts because of the amount of personally identifiable information (PII)...
Tags:
awareness and training
civil actions
credit reports
data accuracy
FACTA
FCRA
FTC
information security
IT compliance
PII
policies and procedures
privacy
Posted by Rebecca Herold on March 19, 2007 9:50 AM
Privacy Breach: Johns Hopkins University Lost Personal Information on 135,000 Individuals
There now seem to be so many privacy breaches that it is hard to choose which one to discuss... Last Wednesday, 2/7, Johns Hopkins University reported personal information on 135,000 employees and patients on nine backup tapes were missing that...
Tags:
awareness and training
FACTA
FCRA
FERPA
FTC
FTC Act
HIPAA
identity theft
information security
IT compliance
policies and procedures
privacy
privacy breach
Posted by Rebecca Herold on February 11, 2007 2:33 PM
Site Tags
Site tags used on this blog:
- 2007 Global Security Survey (1)
- 2007 Year in Review (1)
- 21 CFR Part 11 (1)
- 4th of July (1)
- 5th Amendment (1)
- 9/11 (1)
- AB 211 (1)
- AB1298 (1)
- ABC News (1)
- ABC World News (1)
- ABN Amro (1)
- access control (3)
- access controls (2)
- AccuSearch (1)
- ACLU (1)
- ACUS (1)
- ADA (1)
- adam dodge (1)
- ADT (1)
- adult education (1)
- Adultfriendfinder (1)
- adware (1)
- AEPD (1)
- Aetna (1)
- AFL-CIO (1)
- AHIMA (1)
- Alarm King (1)
- Aleecia McDonald (1)
- Alert (1)
- Alycia Lane (2)
- Amazon (1)
- ambient technology (2)
- American Red Cross (1)
- American United Mortgage Company (1)
- Ameriprise (1)
- Ameriquest (1)
- Analysis Corp (1)
- anatomy of a privacy breach (2)
- Andrea Smith (1)
- Andrew Aguecheek (1)
- Andrew Hay (1)
- Andy Lin (1)
- andyitguy (1)
- anonymity (1)
- Anton Chuvakin (4)
- Anyck Turgeon (1)
- AOL (1)
- APEC (1)
- application security (3)
- application standards (1)
- applications security (1)
- Arizona (1)
- ASIS (1)
- Ask.com (1)
- Astroglide (1)
- Athens-Chilesburg Elementary School (1)
- ATM (1)
- audit logs (1)
- auditors (1)
- audits (1)
- Aurora (1)
- australia (1)
- Australia (2)
- authentication (4)
- Authorities Principles of Business (1)
- automated voice response systems (1)
- awareness (1)
- Awareness Advisor (1)
- awareness and training (796)
- awareness communications (1)
- baby monitor (1)
- Back From Vacation (1)
- background checks (1)
- backup (2)
- backup tapes (1)
- backups (1)
- Bahamas (1)
- Bank Of New York (1)
- bank security (1)
- bankinfosecurity (3)
- Bankinfosecurity (1)
- barack obama (1)
- Barack Obama (8)
- Barracuda Networks (1)
- bartok (1)
- BCAW (1)
- BCP (3)
- BCRs (1)
- behavioral advertising (2)
- behaviorial advertising (1)
- Ben Rothke (1)
- Berger Devine Yaeger (1)
- BeSafe (1)
- Best Buy (1)
- best practices (1)
- best privacy advisers (1)
- Beth Isreal (1)
- Better Business Bureau (2)
- Beye (1)
- bill gates (1)
- Bill Gates (2)
- Bill Richardson (1)
- billingworld (1)
- binding corporate rules (1)
- biobanking (1)
- biometrics (3)
- bird flu (1)
- BitTorrent (1)
- blackberry (1)
- BlackBerry security (1)
- blog (1)
- Blue Cross Blue Shield (1)
- Blue Cross/Blue Shield (1)
- BNAC (1)
- Boeing (1)
- botnet (2)
- Boucher (1)
- Bozeman (1)
- breach (1)
- breach law (17)
- breach notice (3)
- breach notice law (6)
- breach notice laws (2)
- breach notification (17)
- breach response (22)
- breach response law (1)
- breach response plan (1)
- breathalyzer (1)
- Brian Honan (2)
- Britney Spears (2)
- brokerage (1)
- BS 8470:2006 (2)
- BSA (4)
- BSI Management Systems (2)
- Bunneli (1)
- Bunnell (1)
- business associates (1)
- business continuity (4)
- Business Continuity Awareness Week (1)
- business continuity planning (1)
- business networking (1)
- business partner security review (1)
- business privacy (1)
- business recovery (1)
- Business Wire (1)
- call center training (4)
- call records (1)
- CAN-SPAM (3)
- capital 106.3 (1)
- carbon dioxide reduction (1)
- CardSystems (1)
- career (1)
- carnegie mellon (6)
- Carnegie Mellon (2)
- Carnegie Mellon University (1)
- case studies (1)
- Catskill Regional Medical Center (1)
- Catsouras (1)
- CBK (1)
- CCTV (1)
- cell phone (2)
- cell phone security (2)
- cell phones (1)
- Center for Democracy and Technology (1)
- Center for Strategic and International Studies (1)
- Central Coast Security (1)
- CENTRAL LABORERS’ PENSION FUND (1)
- Cerner (1)
- CERT (1)
- certified email (1)
- certify (3)
- change controls (1)
- Charles E. Ramos (1)
- Charles W. Courtney (1)
- check processing (1)
- Chet Culver (1)
- Chicago (1)
- children (1)
- children's privacy (1)
- China (1)
- Choicepoint (1)
- Chris Grillo (1)
- Christine Beatty (1)
- Christmas (1)
- Christophe Veltsos (1)
- Chukwemeka Felix Iroh (1)
- CIPA (1)
- CISP (1)
- CISSP (1)
- civil actions (2)
- civil suit (1)
- click wrap contract (1)
- cloud computing (2)
- CMDB (1)
- CMS (17)
- CMSU (1)
- CMU (3)
- CNIL (3)
- CNN (7)
- Columbia Pictures (2)
- common criteria (1)
- communication (2)
- compliance (10)
- compliance penalty (1)
- compliant (3)
- computer breach (1)
- computer crime (8)
- computer disposal (2)
- computer forensics (2)
- computer history (2)
- computer logs (1)
- Computerworld (2)
- conference discount (3)
- congress (2)
- Congressional Gold Medal (1)
- Connecticut (1)
- Constitution Project (1)
- Consumer Action (1)
- Consumer Federation of America (1)
- consumer fraud (2)
- contract (1)
- convictions (1)
- cookies (1)
- COPP (1)
- COPPA (2)
- copyrights (1)
- corporate communications (1)
- corporate governance (34)
- COSO (1)
- court decision (1)
- court ruling (1)
- Cox Communications (1)
- Craftmatic (1)
- Craigslist (1)
- credit card fraud (1)
- credit card security (2)
- credit reporting (1)
- credit reports (4)
- crickets (1)
- criminal checks (1)
- crminal (1)
- cross border data flow (4)
- CSI (10)
- CSIRT (1)
- CSIS (1)
- CUNA Mutual (1)
- customer privacy (8)
- customer service (2)
- customer service training (1)
- customer trust (1)
- Cutaway (1)
- Cutter Consortium (1)
- CVS (1)
- cyber crime (1)
- Cyber Promotions (1)
- cyber security (1)
- Cyber-Defense Competition (1)
- cyberattack (1)
- cybercrime (32)
- cybercriminal (1)
- cybercriminals (2)
- cyberdefense (1)
- CyberDefense Competition (1)
- cyberfraud (3)
- cybersecurity (2)
- cyberstreetsmart (1)
- cylab (3)
- CyLab (1)
- Dan Swanson (1)
- Dan York (1)
- Daniel A. Green (1)
- Daniel J. Solove (1)
- Dark Reading (1)
- data (1)
- data accuracy (2)
- data backup (1)
- data breach (3)
- data disposal (8)
- data leakage (6)
- data loss (6)
- data masking (2)
- data mining (9)
- data pollution (1)
- data privacy day (3)
- Data Privacy Day (3)
- data protection (21)
- Data Protection Act (2)
- data protection law (12)
- data retention (7)
- data safeguard standards (1)
- database security (1)
- Davi Ottenheimer (1)
- David Lynas (1)
- de-identification (1)
- death threat (1)
- deceased (1)
- defamation (1)
- Defcon (1)
- degauss (1)
- deidentifying data (1)
- Dell (1)
- Deloitte (1)
- DeMint (1)
- democrats (4)
- denial of service (1)
- Department of Commerce (2)
- Department of Defense (1)
- Department of Education (1)
- Department of Energy (1)
- department of homeland security (2)
- Department of Homeland Security (2)
- Department of Labor (1)
- Department of Revenue Services (1)
- department of transportation (1)
- Des Moines Register (3)
- DHS (11)
- DHS EBK (1)
- dial-up access (1)
- dialup (1)
- Didier Stevens (1)
- Direct Revenue (1)
- disaster plan (1)
- disaster recovery (6)
- disposal (8)
- Disposal Rule (2)
- disposal rule (3)
- DNA (1)
- do not call (1)
- Do Not Call (2)
- Do Not Call Registry (1)
- Do Not Track List (1)
- DoD (1)
- Dodd (1)
- DOE (1)
- Dogster (1)
- DoJ (2)
- DOJ (1)
- domain name (3)
- Donald Kerr (1)
- Dongfan Chung (1)
- Donn Parker (1)
- Doug Jacobson (1)
- DPPA (1)
- DR (1)
- Dr. Katina Michael (2)
- Dr. Michael G. Michael (2)
- Dr. W. Norman Scott (1)
- Drew Peterson (1)
- Droitwich (1)
- DRP (1)
- drug bust (1)
- drunken hacking (1)
- DSS (1)
- dubai (1)
- due diligence (1)
- dumb robbers (1)
- dumpster diving (3)
- e-discovery (4)
- e-mail (7)
- EC (1)
- ecommerce security (1)
- Eden Prairie (1)
- education (2)
- EFIOA (1)
- EHR (1)
- electronic discovery (2)
- Electronic Frontier Foundation (1)
- electronic health records (1)
- Eliot Spitzer (1)
- Elliot Spitzer (1)
- email (9)
- email communications (1)
- email incident (3)
- email mistakes (1)
- email monitoring (1)
- email privacy (1)
- email retention (1)
- email security (14)
- emergency management (2)
- emergency planning (1)
- Emily Hoelscher (1)
- employee law (1)
- employee privacy (14)
- employee screening (1)
- employee termination procedures (2)
- employee tracking (1)
- employment (1)
- employment issues (1)
- encrypt (5)
- encryption (47)
- encryption law (1)
- ENISA (2)
- enryption (2)
- epa (1)
- ethical hacker (1)
- ethics (4)
- EU (1)
- EU Data Protection Directive (8)
- EU e-Privacy Directive (1)
- EULA (2)
- Europe (1)
- European Commission (1)
- European Network and Information Security Agency (1)
- European Union (4)
- Executive Order 13478 (1)
- express consent (1)
- Express Scripts (1)
- extortion (2)
- Facebook (4)
- facebook (7)
- FACTA (11)
- FAF (1)
- Fair Labor Standards Act (1)
- Faith Heikkila (1)
- False Claims Act (2)
- FARC (1)
- FASB (1)
- FBI (6)
- FBI IDW (1)
- FCC (1)
- FCRA (7)
- FDIC (4)
- federal reserve (1)
- Federal Reserve Act (1)
- Federal Reserve Bank (1)
- Federal Reserve Board (1)
- Federal Trade Commission (1)
- FEI (2)
- Feinstein (1)
- FERPA (5)
- FFIEC (2)
- fireworks (1)
- FISA (2)
- FISA Amendments Act of 2008 (1)
- FISSEA (1)
- FLSA (1)
- FMLA (1)
- FOIA (2)
- Foreign Intelligence Surveillance Act (2)
- Fortune (1)
- Fourth of July (1)
- FPA (1)
- France (3)
- Francis Ford Coppola (1)
- fraud (1)
- Fred Hayes (1)
- free training (1)
- French (1)
- FSA (1)
- FTC (49)
- FTC Act (12)
- FTC ruling (1)
- Gal Shpantzer (1)
- GAO (2)
- Gary Hinson (2)
- Gavin Newsom (1)
- genetic data (1)
- genetic privacy (1)
- George Bush (1)
- George Clooney (2)
- GINA Law (1)
- GLBA (9)
- Global Crossing (1)
- Global Mortgage Funding (1)
- Global Security Week (10)
- global security week (2)
- Goodmail (1)
- Google (5)
- google (1)
- Google Apps (1)
- Google Chrome (1)
- Google Health (1)
- Google street view (1)
- Google streetview (1)
- Google walking directions (2)
- governance (1)
- government (70)
- government surveillance (1)
- GPO (1)
- GPS (1)
- GPS tracking (1)
- Gramm Leach Bliley (1)
- Gramm Leach Bliley Act (1)
- Gregg William Bergersen (1)
- grillo (1)
- Grillo (3)
- Guardian Communications (1)
- hacker (9)
- hacker safe (1)
- hacker safe seal (1)
- hackers (4)
- hacking (1)
- harp (1)
- HCPro (1)
- health data privacy (2)
- health insurance portability and accountability act (6)
- Health Insurance Portability and Accountability Act (4)
- Health Net (1)
- healthcare (1)
- healthcare security (1)
- HealthVault (1)
- Healtvault (1)
- Herb Kohl (1)
- HERBERT ALLEN (1)
- HHS (31)
- hillary clinton (1)
- Hillary Clinton (2)
- hipaa (1)
- HIPAA (106)
- HIPAA enforcement (1)
- HIPAA sanction (1)
- HITECH (7)
- HITECH Act (25)
- hitech act (1)
- holiday (1)
- home office (1)
- Homeland Security (1)
- Homeland Stupidity (1)
- honey stick (1)
- Horizon (1)
- Hospital Sisters of the Third Order of St. Francis (1)
- hot jobs (1)
- Howard Dean (1)
- Howie Day (1)
- HR (1)
- HSPD-12 (1)
- humor (1)
- I-9 documents (1)
- I-9 forms (1)
- IAPP (4)
- ICANN (1)
- iconix (1)
- ID theft (3)
- identity fraud (6)
- identity management (2)
- identity theft (49)
- identity theft insurance (1)
- Identity Theft Prevention Program (2)
- identity verification (2)
- Ifeyhewen Badidi (1)
- Illegal Immigration Reform and Immigrant Responsibility Act of 1996 (1)
- IM (2)
- IM security (2)
- image spam (2)
- implied consent (2)
- inauguration (1)
- incident (1)
- incident response (2)
- income tax (1)
- Independence Day (1)
- information assurance (6)
- information classification (1)
- information disposal (2)
- information reclamation (1)
- information security (794)
- information security and privacy collaboration (1)
- information security and privacy convergence (2)
- information security policies (6)
- information security profession (1)
- information security study (1)
- Information Shield (1)
- infosecblog (1)
- Infragard (3)
- ingestible bugs (1)
- insider threat (48)
- instant messaging (5)
- Institute of Medicine (1)
- insurance (1)
- INTEGRATED ELECTRICAL SERVICES INC (1)
- intellectual property (3)
- International Association of Privacy Professionals (1)
- international data transfer (1)
- international space station (1)
- International Trade Commission (1)
- internet (1)
- Internet (1)
- Internet history (1)
- Internet Safety Night (1)
- Internet security (2)
- Internet use (2)
- intrusion detection (1)
- invasion of privacy (1)
- IOM (1)
- Iowa (4)
- iowa anti-spam law (1)
- iowa anti-spoof law (1)
- Iowa caucus (4)
- Iowa law (3)
- Iowa ruling (1)
- Iowa State Fair (1)
- Iowa State University (2)
- IowaLandRecords.org (1)
- IP address (1)
- ipod (1)
- ipod security (1)
- IRS (2)
- Irving Escobar (1)
- ISACA (3)
- ISMS (4)
- ISO 27001 (3)
- ISO 27001 certification (3)
- ISO 27002 (1)
- ISO/IEC 17799:2005 (1)
- ISO/IEC 27002 (1)
- ISO/IEC 27005:2008 (1)
- ISSA (1)
- IT (1)
- IT audit (1)
- IT compliance (790)
- IT Compliance (1)
- it compliance (1)
- IT Compliance in Realtime (4)
- IT Compliance in Realtime Journal (1)
- IT Compliance Institute (1)
- IT compliance privacy (1)
- IT security (1)
- IT security Essential Body of Knowledge (1)
- IT security training (1)
- IT training (270)
- ITIL (2)
- ITRC breach report (1)
- itunes (1)
- Ivinson Memorial Hospital (2)
- jail time (1)
- James M. DiBlasio (1)
- Japan (1)
- Jason Fortuny (1)
- Jason Purslow (1)
- Jay Cline (1)
- Jay Meckenstock (2)
- Jeffrey B. Goodin (1)
- JEFFREY PUGH (1)
- Jerry Miller (1)
- job opportunity (1)
- jody westby (1)
- Joe Lindstrom (1)
- John Boehner (1)
- John Brandon (2)
- John DiMaria (2)
- John Edwards (1)
- john mccain (1)
- John McCain (1)
- John Snyder (1)
- Johseph Nathaniel Harris (1)
- judgment (1)
- Justin Peltier (1)
- Karen Curtis (1)
- Katrina (1)
- Kelly Sonora (1)
- Kentucky (1)
- kernell (1)
- Kevin Beaver (3)
- key logger (1)
- keylogger (1)
- kramer (1)
- Kwame Kilpatrick (1)
- Kyoung Suk Kim (1)
- KYW-TV (1)
- Lamont Wallace (1)
- laptop incident (1)
- laptop loss (1)
- laptop security (4)
- laptop theft (18)
- laptops (1)
- Larry Craig (1)
- Larry Mendte (2)
- Larry Ponemon (1)
- Latanya Sweeney (1)
- Latitude (1)
- Laurie Young (1)
- law (3)
- law enforcement (2)
- laws (1)
- lawsuit (1)
- leadership (1)
- Leahy (1)
- legal contracts (1)
- legislation (2)
- Lending Tree (1)
- Leonardo Cervera (1)
- Leslie A. Howell (2)
- Leslie Howell (1)
- license agreement (1)
- life is good (1)
- Lime Wire (1)
- Linda McGlasson (1)
- LinkedIn (5)
- lithium batteries (1)
- Live Earth (2)
- locational privacy (1)
- log compliance (1)
- log management (6)
- logging (5)
- logic bomb (2)
- logs (5)
- logs review (1)
- Lorrie Faith Cranor (1)
- lost and found (1)
- lost laptop (3)
- lost laptops (1)
- Maine (1)
- malicious software (1)
- malware (5)
- Marc Groman (1)
- Marie Cooley (1)
- Mark Jacobs (1)
- marketing (1)
- Martin McKeay (1)
- Maryland (1)
- Massachusetts (1)
- Massachusetts law (2)
- massachusetts privacy law (1)
- MBTA (1)
- McCain (1)
- McDonald's (1)
- McKee Clinic (1)
- Medco (1)
- medical identity theft (8)
- MedicAlert (1)
- meditech (1)
- meetings (1)
- memorial day (1)
- Merrick Bank (1)
- messaging privacy (4)
- messaging risks (1)
- messaging security (8)
- messaging technology (1)
- MetaBank (1)
- metadata (1)
- Metropolitan Sewer District (1)
- Michael Chertoff (1)
- Michael Mauro (1)
- Michael Mimitruk (1)
- Michael Santarcangelo (1)
- Michigan (1)
- micro-blog (1)
- microsoft (1)
- Microsoft (6)
- Mike Brennan (1)
- Minnesota (2)
- miracle wheat (1)
- miscellaneous (2)
- Missouri (1)
- Missouri Department of Revenue (1)
- MIT (1)
- mobile computer security (1)
- mobile computing (7)
- mobile computing risks (4)
- mobile security (2)
- mobile working (1)
- monitoring (6)
- MOREnet (1)
- Morrissey (1)
- Mother's Day (1)
- mp3 (1)
- MPAA (2)
- MSIA (3)
- multi-factor authentication (1)
- music (1)
- myspace (5)
- MySpace (3)
- Myspace (1)
- mytechnologylawyer (1)
- NAI (1)
- nanotechnology (1)
- NASA (1)
- National Consumer Protection Week (1)
- National Identity Fraud Prevention Week (1)
- national intelligence (1)
- National Security Letters (3)
- Naval Research Laboratory (1)
- NetSec (1)
- Network Advertising Initiative (1)
- Network Systems Architects (1)
- Nevada (3)
- New York (1)
- new york attorney general (1)
- New York Supreme Court (1)
- New Zealand (1)
- NHLBI (1)
- Nicole Lanae Stevenson (2)
- Niedermeier (1)
- NISSAN (1)
- NIST (8)
- NISTIR (1)
- NISTIR 7628 (2)
- Nith Circuit (1)
- NLRB (1)
- no match letter (1)
- no match rule (1)
- noncompliance penalty (2)
- Norman Borlaug (1)
- Northeastern University (1)
- Norwich (2)
- Norwich Union Life (1)
- Norwich University (1)
- NRS 597.970 (1)
- NSA (4)
- nucleus research (1)
- nymity (1)
- Nymity (1)
- Obama (2)
- OCC (1)
- OCR (15)
- ODNI (1)
- oecd (1)
- OECD (2)
- OECD privacy principles (1)
- OESS (1)
- Office of Personnel Management (1)
- Ohio (2)
- Ohio Department of Administrative Services (1)
- OIG (1)
- OMB (1)
- One Laptop Per Child (1)
- online scams (1)
- Ontario Police Department (1)
- Opt-in (1)
- opt-out (1)
- orkut (1)
- OTS (2)
- outsourcing (3)
- outsourcing risks (2)
- outsourcing security (1)
- P2P (1)
- P2P security (1)
- PA-DSS (1)
- Pakistan (1)
- Palin (1)
- Palisades Medical Center (1)
- Panda Security (1)
- pandemic (2)
- Pandora's box (1)
- Paris Hilton (1)
- passport-gate (2)
- passports (1)
- password security (1)
- passwords (2)
- patient information (1)
- patient privacy (57)
- patient privacyimpact assessment (1)
- patient security (1)
- Patriot Act (3)
- Paula Abdul (1)
- PCAOB (1)
- PCI (6)
- PCI DSS (14)
- PCI Security Standards Council (1)
- PDF (1)
- Peak: How Great Companies Get Their Mojo from Maslow (1)
- peggy whitson (1)
- penetration test (2)
- perez (1)
- personal (2)
- personal data breach (6)
- personal data protection (2)
- personal information (3)
- personal information breach (1)
- personal information incident (1)
- personal information privacy (2)
- personal information protection (2)
- personal privacy (15)
- personally (1)
- personally identifiable informatio (1)
- personally identifiable information (91)
- Peter Tippett (1)
- PETs (1)
- PGP (2)
- PHI (18)
- Phil Bredesen (1)
- phishing (13)
- phone calls (1)
- PHR (3)
- PIA (12)
- Piedmont Hospital (3)
- PII (118)
- PII personally identifiable informaton (1)
- PIPEDA (1)
- Planet PDF (1)
- podcast (8)
- police (1)
- police scanner (1)
- policies and (2)
- policies and procedures (743)
- politics (1)
- ponemon (1)
- Ponemon Institute (3)
- Ponemon study (1)
- Popular Science (2)
- popup marketing (1)
- Portugal privacy law (1)
- Premier Capital (1)
- pretexting (2)
- PricewaterhouseCoopers (3)
- privacy (429)
- Privacy Act (1)
- Privacy Activism (1)
- privacy and security Week (1)
- Privacy Award (1)
- privacy awareness (20)
- privacy bills (3)
- privacy bird (1)
- privacy breach (94)
- privacy breach notice laws (2)
- privacy breach notifications (1)
- privacy breach response (1)
- privacy breach response plan (1)
- privacy breach study (1)
- privacy breaches (3)
- privacy commissioner (1)
- privacy compliance (7)
- privacy enhancing technologies (1)
- privacy experts (1)
- privacy framework (1)
- privacy impact assessment (12)
- privacy impact calculator (1)
- privacy incident (29)
- privacy incidents (1)
- privacy issues (1)
- Privacy Journal (1)
- privacy law (32)
- privacy management (1)
- privacy management toolkit (1)
- privacy ombudsman (1)
- privacy policies (2)
- privacy policy (47)
- privacy policy change (1)
- privacy poll (2)
- privacy principles (4)
- privacy professor (1)
- Privacy Rights Clearinghouse (1)
- privacy rule (16)
- Privacy Rule (6)
- privacy studies (1)
- privacy study (1)
- privacy survey (1)
- privacy tools (2)
- privacy training (315)
- privacyprof (2)
- program changes (1)
- protected health information (3)
- Protecting Information (5)
- protecting information (4)
- Providence Health & Services (1)
- Public Information Research (1)
- public schools (1)
- publicdata.com (1)
- PwC (3)
- QSA (3)
- Raelyn Campbell (1)
- ransomware (1)
- Ray Kaplan (1)
- RBS Worldpay (1)
- REAL ID (2)
- Red Flags Rule (4)
- Red Flags rule (1)
- Red Flags Rules (1)
- registration redemption (3)
- Regulation S-P (1)
- regulatory compliance (27)
- regulatory enforcement (1)
- Remberto Sarmiento (1)
- remote computing (1)
- republicans (4)
- Republicans (1)
- reputation (1)
- research data (1)
- retail security (1)
- retention (2)
- retention law (1)
- RFID (3)
- Rhode Island Hospital (1)
- Richard Ellis Smith (1)
- richard power (1)
- Richard Power (2)
- Richard Swart (1)
- Richard Thomas (1)
- risk (8)
- risk management (575)
- risk management. data loss (1)
- running (2)
- Ryan Sherstobitoff (1)
- Safe Harbor (2)
- safecode (1)
- Safeguards Rule (4)
- Safer Internet Day (1)
- SAI Global (1)
- Samuel Bodman (1)
- San Jose Medical Group (1)
- sanction (1)
- sanctions (1)
- Santa (2)
- Sarah Palin (1)
- Sarbanes Oxley (8)
- saturday night live (1)
- Saudi Arabia (1)
- Savvis (1)
- SB 227 (1)
- SB 347 (1)
- SB 541 (1)
- SB1386 (1)
- SC Magazine (2)
- Schumer (1)
- sciarrone (1)
- science (1)
- Scientific American (1)
- Scott Charney (1)
- Scott Draughon (1)
- Scott Wright (1)
- scott wright (2)
- SDLC (9)
- search engines (1)
- SEC (2)
- Section 404 (6)
- Secure 360 (1)
- secure applications (2)
- Secure Your ID Day (2)
- security (4)
- security and privacy collaboration (2)
- security and privacy convergence (1)
- security awareness (163)
- security benchmark (1)
- Security Catalyst (1)
- security certification (1)
- security controls (1)
- security incident (3)
- Security Insider (1)
- security law (6)
- security podcast (1)
- security policies (1)
- security policy (1)
- security poll (2)
- security risk (23)
- security roundtable (1)
- security rule (13)
- Security Rule (3)
- security sanctions (2)
- security software (2)
- security survey (1)
- security testing (1)
- security tools (2)
- security training (485)
- security vendor (1)
- security vendors (1)
- separation of duties (1)
- service level agreements (1)
- Shadowsoft (1)
- Shane Kelly (1)
- Shirk (1)
- shoes (1)
- Shon Harris (1)
- shredding (1)
- SID (1)
- SIIA (1)
- SIM cards (1)
- Simbaqueba Bonilla (1)
- smart card (1)
- Smart Grid (5)
- Smart Meter (2)
- SmartGrid (4)
- smartphone security (1)
- SMB (4)
- SMB security (3)
- SMBs (4)
- social (2)
- social engineering (14)
- social network (2)
- social network security (1)
- social networking (7)
- social networking safety (1)
- social networking sites (1)
- social networks (1)
- social psychology (1)
- social security administration (1)
- social security number (11)
- social security numbers (5)
- software certification (1)
- software licensing (3)
- software pirating (1)
- software quality assurance (1)
- software security (1)
- SOX (9)
- SP 800-122 (1)
- space shuttle (1)
- Spain (1)
- spam (8)
- spam law (1)
- Speaker (2)
- speaking (1)
- spoofing (1)
- spy (1)
- spyware (3)
- SSA (2)
- SSN (13)
- SSNs (1)
- stamps (1)
- standards (1)
- Stanley Inc (1)
- Starbucks (1)
- state breach notice laws (1)
- state data protection law (3)
- state employment law (1)
- state law (1)
- Steven E. Hutchins Architects (1)
- Steven William Sutcliffe (1)
- stolen computer (3)
- stolen laptop (10)
- stolen laptops (3)
- stolen mail (1)
- storage (1)
- Streetwise Security Coach (1)
- streetwise security zone (1)
- supreme court (1)
- surveillance (26)
- Swift (2)
- Symantec (1)
- systems development (3)
- T-Mobile (1)
- Talk America (1)
- taxpayer identification number (1)
- technology (1)
- telecommunications (1)
- telemarketer (1)
- teleworking (1)
- Tennessee (1)
- terms of use (1)
- terrorist (2)
- Terry Childs (1)
- Texas Credit Services Organizations Act (1)
- Texas Deceptive Trade Practices Act (1)
- Texas EZPAwn (1)
- Texas Identity Theft Enforcement and Protection Act (1)
- text message security (2)
- text messages (2)
- texting (1)
- The Consulting Association (1)
- The Economist Intelligence Unit (1)
- The Office (1)
- theft (1)
- third party security (4)
- this day in history (1)
- TJX (2)
- TJX breach (1)
- Toby Levin (1)
- Tom Peltier (1)
- Top 50 Security Blogs (1)
- topless meetings (1)
- Torrentspy (1)
- trademarks (1)
- training (2)
- travel (1)
- travel safety (1)
- travel security (1)
- Tri-West (1)
- trust (3)
- TRUSTe (1)
- truste (1)
- twitter (4)
- Twitter (5)
- U.K. Data Protection Act (1)
- U.K. ICO (1)
- U.S. (1)
- U.S. Citizenship and Immigration Services (1)
- U.S. law (1)
- U.S. president (1)
- U.S. president vote voting privacy voting security (1)
- U.S. State Department (1)
- uberveillance (3)
- ubiquitous computing (1)
- UC Berkeley (2)
- UCLA Medical Center (1)
- UCM (1)
- United Airlines (1)
- United Kingdom (1)
- University of Iowa (1)
- University of Tennessee at Knoxville (1)
- University Toolkit (2)
- URAC (1)
- Urbandale (1)
- US-CERT (1)
- USA PATRIOT Act (3)
- USA SAFE WEB Act (1)
- VA (1)
- VA incident (2)
- VA privacy breach (1)
- Various Inc. (1)
- vendor management (1)
- vendor risks (1)
- vendor security assessment (1)
- vendor security management (1)
- Verisign (1)
- Vermont (1)
- Veterans Affairs (1)
- Victor Papagno (1)
- Victoria's Secret (1)
- Villanova incident (1)
- virtual worlds (1)
- virus (1)
- Visa (1)
- vishing (1)
- voice mail (1)
- voice recognition (1)
- vote (1)
- voting privacy (1)
- voting security (1)
- VSAC (1)
- vulnerability assessment (1)
- Wal-Mart (2)
- wardriving (1)
- web 2.0 (2)
- Web 2.0 (2)
- web bugs (2)
- webcasts (1)
- Websense (1)
- website privacy policies (1)
- West Des Moines (1)
- white house (1)
- whitehouse (1)
- Wii (1)
- William Bryant (1)
- WILLIAM REYNOLDS (1)
- Windows Vista (1)
- Windows XP (1)
- wired (1)
- Wired (1)
- wireless hack (1)
- wireless security (5)
- Worcs (1)
- work from home (1)
- workplace privacy (1)
- World Privacy Forum (2)
- Yahoo (1)
- YouTube (5)
- Zappos (1)
- Zhivargo Laing (1)