Search Realtime IT Compliance
Entries from Realtime Community | IT Compliance tagged with 'SSN'
Crooks Don't Need to Steal SSNs If They Can Create Valid SSNs Themselves
I've had some very interesting discussions about the CMU SSN study throughout the week, and, before moving on to other topics next week, I wanted to wrap up the week and discussion with some final thoughts on the CMU SSN...
Tags:
awareness and training
carnegie mellon
CMU
information security
IT compliance
IT training
policies and procedures
privacy training
risk management
security training
social engineering
social security number
SSN
Posted by Rebecca Herold on July 10, 2009 7:35 PM
Implications Of The CMU SSN Study: What Business Leaders Need To Understand
Following the release of the CMU SNN report on Monday, I've had some very interesting discussions with privacy and information security folks, and I've been pretty amazed at some of the reactions to the study. I also posted about this...
Tags:
awareness and training
carnegie mellon
CMU
information security
IT compliance
IT training
policies and procedures
privacy training
risk management
security training
social engineering
social security number
SSN
Posted by Rebecca Herold on July 8, 2009 8:26 PM
Study Proves SSNs Are Easily Guessed; Don't Use SSNs To Verify Identity Or As Passwords!
It is nice to have scientific evidence of what we've been telling business leaders ever since they wanted to start using SSNs as identifiers and passwords! Today Carnegie Mellon University (CMU) released a very revealing report, "Predicting Social Security numbers...
Tags:
awareness and training
carnegie mellon
CMU
information security
IT compliance
IT training
policies and procedures
privacy
privacy training
risk management
security training
social security number
SSN
Posted by Rebecca Herold on July 6, 2009 6:15 PM
FTC Publishes Report On SSNs and Identity Theft
Today the U.S. Federal Trade Commission (FTC) released a new report about social security numbers (SSNs), identity theft, and recommended 5 ways to help prevend having SSNs being used for identity theft......
Tags:
awareness and training
FTC
identity theft
information security
IT compliance
IT training
policies and procedures
privacy
privacy training
risk management
security training
social security number
SSN
Posted by Rebecca Herold on December 17, 2008 1:52 PM
Federal Agency SSN Use Mandate Has Been Removed!
On November 18 President Bush signed Executive Order 13478; see how/if it impacts your organization and how you use social security numbers (SSNs), and how it will impact how you require SSNs. And now you personall should NOT need to...
Tags:
awareness and training
Executive Order 13478
information security
IT compliance
IT training
policies and procedures
privacy training
risk management
security training
social security numbers
SSN
Posted by Rebecca Herold on November 30, 2008 1:29 PM
Despite 45+ U.S. Federal Laws, SSNs Still Widely Misused & Breached...Why?
It amazes me how many news articles are frequently reported that are related to the misuse or breach of social security numbers (SSN). Today just a few the stories that popped up included:...
Tags:
awareness and training
FTC
information security
IT compliance
IT training
policies and procedures
privacy training
risk management
security training
social security number
SSN
Posted by Rebecca Herold on August 20, 2008 4:23 PM
Is Your Accountant Sending Your Information Offshore?
Is your accountant or tax preparer sending your personally identifiable information (PII) offshore? Possibly. Here is the second part of the first article, "(Mis)Using Social Security Numbers in Business," within my August issue of IT Compliance in Realtime Journal, which...
Tags:
awareness and training
information security
IT compliance
IT training
policies and procedures
privacy training
risk management
security training
social security number
SSN
Posted by Rebecca Herold on August 15, 2008 8:00 PM
How Do You Use Social Security Numbers?
Recently I got a call from a representative of one of the free IT magazines I subscribe to. The rep wanted to renew my subscription, and needed to ask me a few "qualifying" questions first. Fine. When she asked, "What...
Tags:
awareness and training
information security
IT compliance
IT training
policies and procedures
privacy training
risk management
security training
social security number
SSN
Posted by Rebecca Herold on August 13, 2008 7:15 PM
More On Überveillance And Privacy
I recently blogged about "6 "Scary Stuff" Privacy Terms IT, Info Sec and Privacy Folks Should Know." I was very pleasantly surprised to hear from Dr. Michael G. Michael and his wife Dr. Katina Michael a couple of days ago...
Tags:
ambient technology
awareness and training
Dr. Katina Michael
Dr. Michael G. Michael
employee privacy
employee tracking
GPS tracking
information security
IT compliance
policies and procedures
privacy
privacy law
RFID
risk management
security awareness
security training
social security number
SSN
uberveillance
Posted by Rebecca Herold on January 3, 2008 10:50 AM
Responding To Customers Asking About Your Company's Use of SSNs
For the past 10 years I have been driving the same, reliable, non-troublesome car. It still looks good enough (I don't really worry about driving an "it" kind of car). However, it is getting a bit rattly, and my friends...
Tags:
awareness and training
FERPA
GLBA
HIPAA
identity theft
information security
Iowa law
IT compliance
personally identifiable information
PII
policies and procedures
privacy
privacy policy
risk management
security awareness
security training
social security number
SSN
Posted by Rebecca Herold on December 19, 2007 11:38 AM
Personnel Privacy, New I-9 Forms, Removal of SSN Requirements and IT Involvement
Early this year I did a data flow analysis for I-9 compliance, and I blogged a few months ago about I-9 related issues in "New Tennessee Law Prohibits Using Federal Individual Taxpayer ID as Proof of Immigration Status." I-9 compliance...
Tags:
awareness and training
DHS
employment issues
I-9 forms
Illegal Immigration Reform and Immigrant Responsibility Act of 1996
information security
IT compliance
policies and procedures
privacy
risk management
security risk
security training
social security numbers
SSN
U.S. Citizenship and Immigration Services
Posted by Rebecca Herold on November 18, 2007 7:37 PM
5-Point Checklist for Info Sec and Privacy Pros to Use for Data Protection and Privacy Law Compliance
One of the basic privacy principles is to limit the collection of personally identifiable information (PII) to only that which is necessary for the business purpose for which it is being collected. These privacy principles, built largely around the OECD...
Tags:
awareness and training
ID theft
identity theft
information security
IT compliance
OECD
PCI DSS
policies and procedures
privacy
privacy principles
privacy training
risk management
security training
SSN
Posted by Rebecca Herold on October 28, 2007 7:55 PM
Social Security Number No Match Rule: Employers Will Need to Prove Compliance
The new U.S. Social Security number (SSN) No Match Rule was published August 15 in the Federal Register. You can also see it here. This new regulation provides directives for the letters the U.S. Social Security Administration (SSA) issues to...
Tags:
awareness and training
department of homeland security
DHS
information security
IT compliance
no match letter
no match rule
PII
policies and procedures
privacy
risk management
social security administration
social security number
SSA
SSN
Posted by Rebecca Herold on August 20, 2007 10:10 AM
Site Tags
Site tags used on this blog:
- 2007 Global Security Survey (1)
- 2007 Year in Review (1)
- 21 CFR Part 11 (1)
- 4th of July (1)
- 5th Amendment (1)
- 9/11 (1)
- AB 211 (1)
- AB1298 (1)
- ABC News (1)
- ABC World News (1)
- ABN Amro (1)
- access control (3)
- access controls (2)
- AccuSearch (1)
- ACLU (1)
- ACUS (1)
- ADA (1)
- adam dodge (1)
- ADT (1)
- adult education (1)
- Adultfriendfinder (1)
- adware (1)
- AEPD (1)
- Aetna (1)
- AFL-CIO (1)
- AHIMA (1)
- Alarm King (1)
- Aleecia McDonald (1)
- Alert (1)
- Alycia Lane (2)
- Amazon (1)
- ambient technology (2)
- American Red Cross (1)
- American United Mortgage Company (1)
- Ameriprise (1)
- Ameriquest (1)
- Analysis Corp (1)
- anatomy of a privacy breach (2)
- Andrea Smith (1)
- Andrew Aguecheek (1)
- Andrew Hay (1)
- Andy Lin (1)
- andyitguy (1)
- anonymity (1)
- Anton Chuvakin (4)
- Anyck Turgeon (1)
- AOL (1)
- APEC (1)
- application security (3)
- application standards (1)
- applications security (1)
- Arizona (1)
- ASIS (1)
- Ask.com (1)
- Astroglide (1)
- Athens-Chilesburg Elementary School (1)
- ATM (1)
- audit logs (1)
- auditors (1)
- audits (1)
- Aurora (1)
- australia (1)
- Australia (2)
- authentication (4)
- Authorities Principles of Business (1)
- automated voice response systems (1)
- awareness (1)
- Awareness Advisor (1)
- awareness and training (796)
- awareness communications (1)
- baby monitor (1)
- Back From Vacation (1)
- background checks (1)
- backup (2)
- backup tapes (1)
- backups (1)
- Bahamas (1)
- Bank Of New York (1)
- bank security (1)
- Bankinfosecurity (1)
- bankinfosecurity (3)
- barack obama (1)
- Barack Obama (8)
- Barracuda Networks (1)
- bartok (1)
- BCAW (1)
- BCP (3)
- BCRs (1)
- behavioral advertising (2)
- behaviorial advertising (1)
- Ben Rothke (1)
- Berger Devine Yaeger (1)
- BeSafe (1)
- Best Buy (1)
- best practices (1)
- best privacy advisers (1)
- Beth Isreal (1)
- Better Business Bureau (2)
- Beye (1)
- Bill Gates (2)
- bill gates (1)
- Bill Richardson (1)
- billingworld (1)
- binding corporate rules (1)
- biobanking (1)
- biometrics (3)
- bird flu (1)
- BitTorrent (1)
- blackberry (1)
- BlackBerry security (1)
- blog (1)
- Blue Cross Blue Shield (1)
- Blue Cross/Blue Shield (1)
- BNAC (1)
- Boeing (1)
- botnet (2)
- Boucher (1)
- Bozeman (1)
- breach (1)
- breach law (17)
- breach notice (3)
- breach notice law (6)
- breach notice laws (2)
- breach notification (17)
- breach response (22)
- breach response law (1)
- breach response plan (1)
- breathalyzer (1)
- Brian Honan (2)
- Britney Spears (2)
- brokerage (1)
- BS 8470:2006 (2)
- BSA (4)
- BSI Management Systems (2)
- Bunneli (1)
- Bunnell (1)
- business associates (1)
- business continuity (4)
- Business Continuity Awareness Week (1)
- business continuity planning (1)
- business networking (1)
- business partner security review (1)
- business privacy (1)
- business recovery (1)
- Business Wire (1)
- call center training (4)
- call records (1)
- CAN-SPAM (3)
- capital 106.3 (1)
- carbon dioxide reduction (1)
- CardSystems (1)
- career (1)
- carnegie mellon (6)
- Carnegie Mellon (2)
- Carnegie Mellon University (1)
- case studies (1)
- Catskill Regional Medical Center (1)
- Catsouras (1)
- CBK (1)
- CCTV (1)
- cell phone (2)
- cell phone security (2)
- cell phones (1)
- Center for Democracy and Technology (1)
- Center for Strategic and International Studies (1)
- Central Coast Security (1)
- CENTRAL LABORERS’ PENSION FUND (1)
- Cerner (1)
- CERT (1)
- certified email (1)
- certify (3)
- change controls (1)
- Charles E. Ramos (1)
- Charles W. Courtney (1)
- check processing (1)
- Chet Culver (1)
- Chicago (1)
- children (1)
- children's privacy (1)
- China (1)
- Choicepoint (1)
- Chris Grillo (1)
- Christine Beatty (1)
- Christmas (1)
- Christophe Veltsos (1)
- Chukwemeka Felix Iroh (1)
- CIPA (1)
- CISP (1)
- CISSP (1)
- civil actions (2)
- civil suit (1)
- click wrap contract (1)
- cloud computing (2)
- CMDB (1)
- CMS (17)
- CMSU (1)
- CMU (3)
- CNIL (3)
- CNN (7)
- Columbia Pictures (2)
- common criteria (1)
- communication (2)
- compliance (10)
- compliance penalty (1)
- compliant (3)
- computer breach (1)
- computer crime (8)
- computer disposal (2)
- computer forensics (2)
- computer history (2)
- computer logs (1)
- Computerworld (2)
- conference discount (3)
- congress (2)
- Congressional Gold Medal (1)
- Connecticut (1)
- Constitution Project (1)
- Consumer Action (1)
- Consumer Federation of America (1)
- consumer fraud (2)
- contract (1)
- convictions (1)
- cookies (1)
- COPP (1)
- COPPA (2)
- copyrights (1)
- corporate communications (1)
- corporate governance (34)
- COSO (1)
- court decision (1)
- court ruling (1)
- Cox Communications (1)
- Craftmatic (1)
- Craigslist (1)
- credit card fraud (1)
- credit card security (2)
- credit reporting (1)
- credit reports (4)
- crickets (1)
- criminal checks (1)
- crminal (1)
- cross border data flow (4)
- CSI (10)
- CSIRT (1)
- CSIS (1)
- CUNA Mutual (1)
- customer privacy (8)
- customer service (2)
- customer service training (1)
- customer trust (1)
- Cutaway (1)
- Cutter Consortium (1)
- CVS (1)
- cyber crime (1)
- Cyber Promotions (1)
- cyber security (1)
- Cyber-Defense Competition (1)
- cyberattack (1)
- cybercrime (32)
- cybercriminal (1)
- cybercriminals (2)
- cyberdefense (1)
- CyberDefense Competition (1)
- cyberfraud (3)
- cybersecurity (2)
- cyberstreetsmart (1)
- cylab (3)
- CyLab (1)
- Dan Swanson (1)
- Dan York (1)
- Daniel A. Green (1)
- Daniel J. Solove (1)
- Dark Reading (1)
- data (1)
- data accuracy (2)
- data backup (1)
- data breach (3)
- data disposal (8)
- data leakage (6)
- data loss (6)
- data masking (2)
- data mining (9)
- data pollution (1)
- data privacy day (3)
- Data Privacy Day (3)
- data protection (21)
- Data Protection Act (2)
- data protection law (12)
- data retention (7)
- data safeguard standards (1)
- database security (1)
- Davi Ottenheimer (1)
- David Lynas (1)
- de-identification (1)
- death threat (1)
- deceased (1)
- defamation (1)
- Defcon (1)
- degauss (1)
- deidentifying data (1)
- Dell (1)
- Deloitte (1)
- DeMint (1)
- democrats (4)
- denial of service (1)
- Department of Commerce (2)
- Department of Defense (1)
- Department of Education (1)
- Department of Energy (1)
- department of homeland security (2)
- Department of Homeland Security (2)
- Department of Labor (1)
- Department of Revenue Services (1)
- department of transportation (1)
- Des Moines Register (3)
- DHS (11)
- DHS EBK (1)
- dial-up access (1)
- dialup (1)
- Didier Stevens (1)
- Direct Revenue (1)
- disaster plan (1)
- disaster recovery (6)
- disposal (8)
- disposal rule (3)
- Disposal Rule (2)
- DNA (1)
- Do Not Call (2)
- do not call (1)
- Do Not Call Registry (1)
- Do Not Track List (1)
- DoD (1)
- Dodd (1)
- DOE (1)
- Dogster (1)
- DOJ (1)
- DoJ (2)
- domain name (3)
- Donald Kerr (1)
- Dongfan Chung (1)
- Donn Parker (1)
- Doug Jacobson (1)
- DPPA (1)
- DR (1)
- Dr. Katina Michael (2)
- Dr. Michael G. Michael (2)
- Dr. W. Norman Scott (1)
- Drew Peterson (1)
- Droitwich (1)
- DRP (1)
- drug bust (1)
- drunken hacking (1)
- DSS (1)
- dubai (1)
- due diligence (1)
- dumb robbers (1)
- dumpster diving (3)
- e-discovery (4)
- e-mail (7)
- EC (1)
- ecommerce security (1)
- Eden Prairie (1)
- education (2)
- EFIOA (1)
- EHR (1)
- electronic discovery (2)
- Electronic Frontier Foundation (1)
- electronic health records (1)
- Eliot Spitzer (1)
- Elliot Spitzer (1)
- email (9)
- email communications (1)
- email incident (3)
- email mistakes (1)
- email monitoring (1)
- email privacy (1)
- email retention (1)
- email security (14)
- emergency management (2)
- emergency planning (1)
- Emily Hoelscher (1)
- employee law (1)
- employee privacy (14)
- employee screening (1)
- employee termination procedures (2)
- employee tracking (1)
- employment (1)
- employment issues (1)
- encrypt (5)
- encryption (47)
- encryption law (1)
- ENISA (2)
- enryption (2)
- epa (1)
- ethical hacker (1)
- ethics (4)
- EU (1)
- EU Data Protection Directive (8)
- EU e-Privacy Directive (1)
- EULA (2)
- Europe (1)
- European Commission (1)
- European Network and Information Security Agency (1)
- European Union (4)
- Executive Order 13478 (1)
- express consent (1)
- Express Scripts (1)
- extortion (2)
- Facebook (4)
- facebook (7)
- FACTA (11)
- FAF (1)
- Fair Labor Standards Act (1)
- Faith Heikkila (1)
- False Claims Act (2)
- FARC (1)
- FASB (1)
- FBI (6)
- FBI IDW (1)
- FCC (1)
- FCRA (7)
- FDIC (4)
- federal reserve (1)
- Federal Reserve Act (1)
- Federal Reserve Bank (1)
- Federal Reserve Board (1)
- Federal Trade Commission (1)
- FEI (2)
- Feinstein (1)
- FERPA (5)
- FFIEC (2)
- fireworks (1)
- FISA (2)
- FISA Amendments Act of 2008 (1)
- FISSEA (1)
- FLSA (1)
- FMLA (1)
- FOIA (2)
- Foreign Intelligence Surveillance Act (2)
- Fortune (1)
- Fourth of July (1)
- FPA (1)
- France (3)
- Francis Ford Coppola (1)
- fraud (1)
- Fred Hayes (1)
- free training (1)
- French (1)
- FSA (1)
- FTC (49)
- FTC Act (12)
- FTC ruling (1)
- Gal Shpantzer (1)
- GAO (2)
- Gary Hinson (2)
- Gavin Newsom (1)
- genetic data (1)
- genetic privacy (1)
- George Bush (1)
- George Clooney (2)
- GINA Law (1)
- GLBA (9)
- Global Crossing (1)
- Global Mortgage Funding (1)
- global security week (2)
- Global Security Week (10)
- Goodmail (1)
- Google (5)
- google (1)
- Google Apps (1)
- Google Chrome (1)
- Google Health (1)
- Google street view (1)
- Google streetview (1)
- Google walking directions (2)
- governance (1)
- government (70)
- government surveillance (1)
- GPO (1)
- GPS (1)
- GPS tracking (1)
- Gramm Leach Bliley (1)
- Gramm Leach Bliley Act (1)
- Gregg William Bergersen (1)
- grillo (1)
- Grillo (3)
- Guardian Communications (1)
- hacker (9)
- hacker safe (1)
- hacker safe seal (1)
- hackers (4)
- hacking (1)
- harp (1)
- HCPro (1)
- health data privacy (2)
- health insurance portability and accountability act (6)
- Health Insurance Portability and Accountability Act (4)
- Health Net (1)
- healthcare (1)
- healthcare security (1)
- HealthVault (1)
- Healtvault (1)
- Herb Kohl (1)
- HERBERT ALLEN (1)
- HHS (31)
- hillary clinton (1)
- Hillary Clinton (2)
- HIPAA (106)
- hipaa (1)
- HIPAA enforcement (1)
- HIPAA sanction (1)
- HITECH (7)
- hitech act (1)
- HITECH Act (25)
- holiday (1)
- home office (1)
- Homeland Security (1)
- Homeland Stupidity (1)
- honey stick (1)
- Horizon (1)
- Hospital Sisters of the Third Order of St. Francis (1)
- hot jobs (1)
- Howard Dean (1)
- Howie Day (1)
- HR (1)
- HSPD-12 (1)
- humor (1)
- I-9 documents (1)
- I-9 forms (1)
- IAPP (4)
- ICANN (1)
- iconix (1)
- ID theft (3)
- identity fraud (6)
- identity management (2)
- identity theft (49)
- identity theft insurance (1)
- Identity Theft Prevention Program (2)
- identity verification (2)
- Ifeyhewen Badidi (1)
- Illegal Immigration Reform and Immigrant Responsibility Act of 1996 (1)
- IM (2)
- IM security (2)
- image spam (2)
- implied consent (2)
- inauguration (1)
- incident (1)
- incident response (2)
- income tax (1)
- Independence Day (1)
- information assurance (6)
- information classification (1)
- information disposal (2)
- information reclamation (1)
- information security (794)
- information security and privacy collaboration (1)
- information security and privacy convergence (2)
- information security policies (6)
- information security profession (1)
- information security study (1)
- Information Shield (1)
- infosecblog (1)
- Infragard (3)
- ingestible bugs (1)
- insider threat (48)
- instant messaging (5)
- Institute of Medicine (1)
- insurance (1)
- INTEGRATED ELECTRICAL SERVICES INC (1)
- intellectual property (3)
- International Association of Privacy Professionals (1)
- international data transfer (1)
- international space station (1)
- International Trade Commission (1)
- Internet (1)
- internet (1)
- Internet history (1)
- Internet Safety Night (1)
- Internet security (2)
- Internet use (2)
- intrusion detection (1)
- invasion of privacy (1)
- IOM (1)
- Iowa (4)
- iowa anti-spam law (1)
- iowa anti-spoof law (1)
- Iowa caucus (4)
- Iowa law (3)
- Iowa ruling (1)
- Iowa State Fair (1)
- Iowa State University (2)
- IowaLandRecords.org (1)
- IP address (1)
- ipod (1)
- ipod security (1)
- IRS (2)
- Irving Escobar (1)
- ISACA (3)
- ISMS (4)
- ISO 27001 (3)
- ISO 27001 certification (3)
- ISO 27002 (1)
- ISO/IEC 17799:2005 (1)
- ISO/IEC 27002 (1)
- ISO/IEC 27005:2008 (1)
- ISSA (1)
- IT (1)
- IT audit (1)
- it compliance (1)
- IT compliance (790)
- IT Compliance (1)
- IT Compliance in Realtime (4)
- IT Compliance in Realtime Journal (1)
- IT Compliance Institute (1)
- IT compliance privacy (1)
- IT security (1)
- IT security Essential Body of Knowledge (1)
- IT security training (1)
- IT training (270)
- ITIL (2)
- ITRC breach report (1)
- itunes (1)
- Ivinson Memorial Hospital (2)
- jail time (1)
- James M. DiBlasio (1)
- Japan (1)
- Jason Fortuny (1)
- Jason Purslow (1)
- Jay Cline (1)
- Jay Meckenstock (2)
- Jeffrey B. Goodin (1)
- JEFFREY PUGH (1)
- Jerry Miller (1)
- job opportunity (1)
- jody westby (1)
- Joe Lindstrom (1)
- John Boehner (1)
- John Brandon (2)
- John DiMaria (2)
- John Edwards (1)
- john mccain (1)
- John McCain (1)
- John Snyder (1)
- Johseph Nathaniel Harris (1)
- judgment (1)
- Justin Peltier (1)
- Karen Curtis (1)
- Katrina (1)
- Kelly Sonora (1)
- Kentucky (1)
- kernell (1)
- Kevin Beaver (3)
- key logger (1)
- keylogger (1)
- kramer (1)
- Kwame Kilpatrick (1)
- Kyoung Suk Kim (1)
- KYW-TV (1)
- Lamont Wallace (1)
- laptop incident (1)
- laptop loss (1)
- laptop security (4)
- laptop theft (18)
- laptops (1)
- Larry Craig (1)
- Larry Mendte (2)
- Larry Ponemon (1)
- Latanya Sweeney (1)
- Latitude (1)
- Laurie Young (1)
- law (3)
- law enforcement (2)
- laws (1)
- lawsuit (1)
- leadership (1)
- Leahy (1)
- legal contracts (1)
- legislation (2)
- Lending Tree (1)
- Leonardo Cervera (1)
- Leslie A. Howell (2)
- Leslie Howell (1)
- license agreement (1)
- life is good (1)
- Lime Wire (1)
- Linda McGlasson (1)
- LinkedIn (5)
- lithium batteries (1)
- Live Earth (2)
- locational privacy (1)
- log compliance (1)
- log management (6)
- logging (5)
- logic bomb (2)
- logs (5)
- logs review (1)
- Lorrie Faith Cranor (1)
- lost and found (1)
- lost laptop (3)
- lost laptops (1)
- Maine (1)
- malicious software (1)
- malware (5)
- Marc Groman (1)
- Marie Cooley (1)
- Mark Jacobs (1)
- marketing (1)
- Martin McKeay (1)
- Maryland (1)
- Massachusetts (1)
- Massachusetts law (2)
- massachusetts privacy law (1)
- MBTA (1)
- McCain (1)
- McDonald's (1)
- McKee Clinic (1)
- Medco (1)
- medical identity theft (8)
- MedicAlert (1)
- meditech (1)
- meetings (1)
- memorial day (1)
- Merrick Bank (1)
- messaging privacy (4)
- messaging risks (1)
- messaging security (8)
- messaging technology (1)
- MetaBank (1)
- metadata (1)
- Metropolitan Sewer District (1)
- Michael Chertoff (1)
- Michael Mauro (1)
- Michael Mimitruk (1)
- Michael Santarcangelo (1)
- Michigan (1)
- micro-blog (1)
- microsoft (1)
- Microsoft (6)
- Mike Brennan (1)
- Minnesota (2)
- miracle wheat (1)
- miscellaneous (2)
- Missouri (1)
- Missouri Department of Revenue (1)
- MIT (1)
- mobile computer security (1)
- mobile computing (7)
- mobile computing risks (4)
- mobile security (2)
- mobile working (1)
- monitoring (6)
- MOREnet (1)
- Morrissey (1)
- Mother's Day (1)
- mp3 (1)
- MPAA (2)
- MSIA (3)
- multi-factor authentication (1)
- music (1)
- Myspace (1)
- myspace (5)
- MySpace (3)
- mytechnologylawyer (1)
- NAI (1)
- nanotechnology (1)
- NASA (1)
- National Consumer Protection Week (1)
- National Identity Fraud Prevention Week (1)
- national intelligence (1)
- National Security Letters (3)
- Naval Research Laboratory (1)
- NetSec (1)
- Network Advertising Initiative (1)
- Network Systems Architects (1)
- Nevada (3)
- New York (1)
- new york attorney general (1)
- New York Supreme Court (1)
- New Zealand (1)
- NHLBI (1)
- Nicole Lanae Stevenson (2)
- Niedermeier (1)
- NISSAN (1)
- NIST (8)
- NISTIR (1)
- NISTIR 7628 (2)
- Nith Circuit (1)
- NLRB (1)
- no match letter (1)
- no match rule (1)
- noncompliance penalty (2)
- Norman Borlaug (1)
- Northeastern University (1)
- Norwich (2)
- Norwich Union Life (1)
- Norwich University (1)
- NRS 597.970 (1)
- NSA (4)
- nucleus research (1)
- nymity (1)
- Nymity (1)
- Obama (2)
- OCC (1)
- OCR (15)
- ODNI (1)
- oecd (1)
- OECD (2)
- OECD privacy principles (1)
- OESS (1)
- Office of Personnel Management (1)
- Ohio (2)
- Ohio Department of Administrative Services (1)
- OIG (1)
- OMB (1)
- One Laptop Per Child (1)
- online scams (1)
- Ontario Police Department (1)
- Opt-in (1)
- opt-out (1)
- orkut (1)
- OTS (2)
- outsourcing (3)
- outsourcing risks (2)
- outsourcing security (1)
- P2P (1)
- P2P security (1)
- PA-DSS (1)
- Pakistan (1)
- Palin (1)
- Palisades Medical Center (1)
- Panda Security (1)
- pandemic (2)
- Pandora's box (1)
- Paris Hilton (1)
- passport-gate (2)
- passports (1)
- password security (1)
- passwords (2)
- patient information (1)
- patient privacy (57)
- patient privacyimpact assessment (1)
- patient security (1)
- Patriot Act (3)
- Paula Abdul (1)
- PCAOB (1)
- PCI (6)
- PCI DSS (14)
- PCI Security Standards Council (1)
- PDF (1)
- Peak: How Great Companies Get Their Mojo from Maslow (1)
- peggy whitson (1)
- penetration test (2)
- perez (1)
- personal (2)
- personal data breach (6)
- personal data protection (2)
- personal information (3)
- personal information breach (1)
- personal information incident (1)
- personal information privacy (2)
- personal information protection (2)
- personal privacy (15)
- personally (1)
- personally identifiable informatio (1)
- personally identifiable information (91)
- Peter Tippett (1)
- PETs (1)
- PGP (2)
- PHI (18)
- Phil Bredesen (1)
- phishing (13)
- phone calls (1)
- PHR (3)
- PIA (12)
- Piedmont Hospital (3)
- PII (118)
- PII personally identifiable informaton (1)
- PIPEDA (1)
- Planet PDF (1)
- podcast (8)
- police (1)
- police scanner (1)
- policies and (2)
- policies and procedures (743)
- politics (1)
- ponemon (1)
- Ponemon Institute (3)
- Ponemon study (1)
- Popular Science (2)
- popup marketing (1)
- Portugal privacy law (1)
- Premier Capital (1)
- pretexting (2)
- PricewaterhouseCoopers (3)
- privacy (429)
- Privacy Act (1)
- Privacy Activism (1)
- privacy and security Week (1)
- Privacy Award (1)
- privacy awareness (20)
- privacy bills (3)
- privacy bird (1)
- privacy breach (94)
- privacy breach notice laws (2)
- privacy breach notifications (1)
- privacy breach response (1)
- privacy breach response plan (1)
- privacy breach study (1)
- privacy breaches (3)
- privacy commissioner (1)
- privacy compliance (7)
- privacy enhancing technologies (1)
- privacy experts (1)
- privacy framework (1)
- privacy impact assessment (12)
- privacy impact calculator (1)
- privacy incident (29)
- privacy incidents (1)
- privacy issues (1)
- Privacy Journal (1)
- privacy law (32)
- privacy management (1)
- privacy management toolkit (1)
- privacy ombudsman (1)
- privacy policies (2)
- privacy policy (47)
- privacy policy change (1)
- privacy poll (2)
- privacy principles (4)
- privacy professor (1)
- Privacy Rights Clearinghouse (1)
- Privacy Rule (6)
- privacy rule (16)
- privacy studies (1)
- privacy study (1)
- privacy survey (1)
- privacy tools (2)
- privacy training (315)
- privacyprof (2)
- program changes (1)
- protected health information (3)
- Protecting Information (5)
- protecting information (4)
- Providence Health & Services (1)
- Public Information Research (1)
- public schools (1)
- publicdata.com (1)
- PwC (3)
- QSA (3)
- Raelyn Campbell (1)
- ransomware (1)
- Ray Kaplan (1)
- RBS Worldpay (1)
- REAL ID (2)
- Red Flags Rule (4)
- Red Flags rule (1)
- Red Flags Rules (1)
- registration redemption (3)
- Regulation S-P (1)
- regulatory compliance (27)
- regulatory enforcement (1)
- Remberto Sarmiento (1)
- remote computing (1)
- republicans (4)
- Republicans (1)
- reputation (1)
- research data (1)
- retail security (1)
- retention (2)
- retention law (1)
- RFID (3)
- Rhode Island Hospital (1)
- Richard Ellis Smith (1)
- richard power (1)
- Richard Power (2)
- Richard Swart (1)
- Richard Thomas (1)
- risk (8)
- risk management (575)
- risk management. data loss (1)
- running (2)
- Ryan Sherstobitoff (1)
- Safe Harbor (2)
- safecode (1)
- Safeguards Rule (4)
- Safer Internet Day (1)
- SAI Global (1)
- Samuel Bodman (1)
- San Jose Medical Group (1)
- sanction (1)
- sanctions (1)
- Santa (2)
- Sarah Palin (1)
- Sarbanes Oxley (8)
- saturday night live (1)
- Saudi Arabia (1)
- Savvis (1)
- SB 227 (1)
- SB 347 (1)
- SB 541 (1)
- SB1386 (1)
- SC Magazine (2)
- Schumer (1)
- sciarrone (1)
- science (1)
- Scientific American (1)
- Scott Charney (1)
- Scott Draughon (1)
- Scott Wright (1)
- scott wright (2)
- SDLC (9)
- search engines (1)
- SEC (2)
- Section 404 (6)
- Secure 360 (1)
- secure applications (2)
- Secure Your ID Day (2)
- security (4)
- security and privacy collaboration (2)
- security and privacy convergence (1)
- security awareness (163)
- security benchmark (1)
- Security Catalyst (1)
- security certification (1)
- security controls (1)
- security incident (3)
- Security Insider (1)
- security law (6)
- security podcast (1)
- security policies (1)
- security policy (1)
- security poll (2)
- security risk (23)
- security roundtable (1)
- security rule (13)
- Security Rule (3)
- security sanctions (2)
- security software (2)
- security survey (1)
- security testing (1)
- security tools (2)
- security training (485)
- security vendor (1)
- security vendors (1)
- separation of duties (1)
- service level agreements (1)
- Shadowsoft (1)
- Shane Kelly (1)
- Shirk (1)
- shoes (1)
- Shon Harris (1)
- shredding (1)
- SID (1)
- SIIA (1)
- SIM cards (1)
- Simbaqueba Bonilla (1)
- smart card (1)
- Smart Grid (5)
- Smart Meter (2)
- SmartGrid (4)
- smartphone security (1)
- SMB (4)
- SMB security (3)
- SMBs (4)
- social (2)
- social engineering (14)
- social network (2)
- social network security (1)
- social networking (7)
- social networking safety (1)
- social networking sites (1)
- social networks (1)
- social psychology (1)
- social security administration (1)
- social security number (11)
- social security numbers (5)
- software certification (1)
- software licensing (3)
- software pirating (1)
- software quality assurance (1)
- software security (1)
- SOX (9)
- SP 800-122 (1)
- space shuttle (1)
- Spain (1)
- spam (8)
- spam law (1)
- Speaker (2)
- speaking (1)
- spoofing (1)
- spy (1)
- spyware (3)
- SSA (2)
- SSN (13)
- SSNs (1)
- stamps (1)
- standards (1)
- Stanley Inc (1)
- Starbucks (1)
- state breach notice laws (1)
- state data protection law (3)
- state employment law (1)
- state law (1)
- Steven E. Hutchins Architects (1)
- Steven William Sutcliffe (1)
- stolen computer (3)
- stolen laptop (10)
- stolen laptops (3)
- stolen mail (1)
- storage (1)
- Streetwise Security Coach (1)
- streetwise security zone (1)
- supreme court (1)
- surveillance (26)
- Swift (2)
- Symantec (1)
- systems development (3)
- T-Mobile (1)
- Talk America (1)
- taxpayer identification number (1)
- technology (1)
- telecommunications (1)
- telemarketer (1)
- teleworking (1)
- Tennessee (1)
- terms of use (1)
- terrorist (2)
- Terry Childs (1)
- Texas Credit Services Organizations Act (1)
- Texas Deceptive Trade Practices Act (1)
- Texas EZPAwn (1)
- Texas Identity Theft Enforcement and Protection Act (1)
- text message security (2)
- text messages (2)
- texting (1)
- The Consulting Association (1)
- The Economist Intelligence Unit (1)
- The Office (1)
- theft (1)
- third party security (4)
- this day in history (1)
- TJX (2)
- TJX breach (1)
- Toby Levin (1)
- Tom Peltier (1)
- Top 50 Security Blogs (1)
- topless meetings (1)
- Torrentspy (1)
- trademarks (1)
- training (2)
- travel (1)
- travel safety (1)
- travel security (1)
- Tri-West (1)
- trust (3)
- truste (1)
- TRUSTe (1)
- twitter (4)
- Twitter (5)
- U.K. Data Protection Act (1)
- U.K. ICO (1)
- U.S. (1)
- U.S. Citizenship and Immigration Services (1)
- U.S. law (1)
- U.S. president (1)
- U.S. president vote voting privacy voting security (1)
- U.S. State Department (1)
- uberveillance (3)
- ubiquitous computing (1)
- UC Berkeley (2)
- UCLA Medical Center (1)
- UCM (1)
- United Airlines (1)
- United Kingdom (1)
- University of Iowa (1)
- University of Tennessee at Knoxville (1)
- University Toolkit (2)
- URAC (1)
- Urbandale (1)
- US-CERT (1)
- USA PATRIOT Act (3)
- USA SAFE WEB Act (1)
- VA (1)
- VA incident (2)
- VA privacy breach (1)
- Various Inc. (1)
- vendor management (1)
- vendor risks (1)
- vendor security assessment (1)
- vendor security management (1)
- Verisign (1)
- Vermont (1)
- Veterans Affairs (1)
- Victor Papagno (1)
- Victoria's Secret (1)
- Villanova incident (1)
- virtual worlds (1)
- virus (1)
- Visa (1)
- vishing (1)
- voice mail (1)
- voice recognition (1)
- vote (1)
- voting privacy (1)
- voting security (1)
- VSAC (1)
- vulnerability assessment (1)
- Wal-Mart (2)
- wardriving (1)
- web 2.0 (2)
- Web 2.0 (2)
- web bugs (2)
- webcasts (1)
- Websense (1)
- website privacy policies (1)
- West Des Moines (1)
- white house (1)
- whitehouse (1)
- Wii (1)
- William Bryant (1)
- WILLIAM REYNOLDS (1)
- Windows Vista (1)
- Windows XP (1)
- wired (1)
- Wired (1)
- wireless hack (1)
- wireless security (5)
- Worcs (1)
- work from home (1)
- workplace privacy (1)
- World Privacy Forum (2)
- Yahoo (1)
- YouTube (5)
- Zappos (1)
- Zhivargo Laing (1)