Search Realtime IT Compliance
Entries from Realtime Community | IT Compliance tagged with 'data protection law'
CORRECTION: Massachusetts Data Protection Law Takes Effect May 1, 2009
A big thank you to Brandon Dunlap and Brett Myers for catching an error I made in my January 1 post......
Tags:
awareness and training
data protection law
information security
IT compliance
IT training
Massachusetts law
policies and procedures
privacy law
privacy training
risk management
security training
Posted by Rebecca Herold on January 3, 2009 9:25 PM
New Data Protection Laws Go Into Effect Today
Happy New Year! Several news laws go into effect today. Here are just a few of them......
Tags:
AB 211
awareness and training
data protection law
FMLA
information security
IT compliance
IT training
Massachusetts law
policies and procedures
privacy law
privacy training
risk management
SB 541
security training
Posted by Rebecca Herold on January 1, 2009 2:55 PM
PII Encryption Required by New Massachusetts and Nevada Laws
There is a growing trend in laws that require personally identifiable information (PII) to be encrypted. Encryption in past laws have been directed to be considered based upon risk, but now they are more explicitly required in some laws....
Tags:
awareness and training
data protection law
encryption
information security
IT compliance
IT training
Massachusetts
Nevada
policies and procedures
privacy law
privacy training
risk management
security training
Posted by Rebecca Herold on September 29, 2008 8:58 AM
Useful Data Protection (Privacy) Law Sites
This morning I took a little time to update my long listing of world-wide data protection (privacy) laws. Here are some of them you may find helpful:...
Tags:
awareness and training
data protection law
information security
IT compliance
policies and procedures
privacy law
risk management
security awareness
security training
Posted by Rebecca Herold on March 19, 2008 10:40 AM
Judge Rules University Policy & FERPA Allow Student PII To Be Released
Here's a case I found interesting...the U.S. District Court for the Eastern District of Tennessee ruled on October 24th that providing a group of record company plaintiffs with student personally identifiable information (PII) does not violate the U.S. Family Educational...
Tags:
awareness and training
congress
data protection law
FERPA
government
information security
IT compliance
personally identifiable information
PII
policies and procedures
privacy
privacy law
risk management
security law
security training
University of Tennessee at Knoxville
Posted by Rebecca Herold on November 6, 2007 8:49 PM
Insider Threat Lessons: Posting Threats And Personnel PII On The Internet Establishes Federal Jurisdiction
Here's another insider threat example to know and to discuss with your legal counsel and HR folks. It highlights the need for information security and privacy policies, shows how information security and privacy must work with multiple areas on an...
Tags:
awareness and training
cybercrime
data protection law
Global Crossing
identity theft
information security
insider threat
IT compliance
policies and procedures
privacy
privacy law
risk management
security law
security training
Steven William Sutcliffe
Posted by Rebecca Herold on November 5, 2007 2:30 AM
Do Something To Change Information Security, Privacy and Compliance...Contact Congress!
I, along with a very large number of other bloggers, writers and instructors, often pick apart data protection and privacy laws and regulations, and point out how certain portions of them are infeasible for most organizations to implement, and talk...
Tags:
awareness and training
congress
data protection law
government
information security
IT compliance
policies and procedures
privacy
privacy law
risk management
security law
security training
Posted by Rebecca Herold on November 4, 2007 8:54 AM
Information Security Awareness in Europe...The Issues Are the Same Worldwide
on 8/22/2007 a very interesting and useful report was released by the European Network and Information Security Agency (ENISA), "Information security awareness initiatives: Current practice and the measurement of success."...
Tags:
awareness and training
data protection law
ENISA
EU Data Protection Directive
European Union
information security
IT compliance
personally identifiable information
PII
policies and procedures
PricewaterhouseCoopers
privacy
privacy law
risk management
Posted by Rebecca Herold on August 24, 2007 1:29 PM
EU Data Protection Directive 95/46/EC: Member Countries
Multi-national organizations doing business in Europe must know and understand not only their obligations to protect personally identifiable information (PII) under the European Union (EU) Data Protection Directive 95/45/EC, but they must also know and understand the data protection laws...
Tags:
awareness and training
data protection law
EU Data Protection Directive
European Union
information security
IT compliance
policies and procedures
privacy
privacy law
risk management
Posted by Rebecca Herold on August 22, 2007 11:31 AM
Outsourcing: Dubai Strengthens Data Protection Law
On Monday (1/8) the Dubai International Financial Centre (DIFC) implemented a stronger Data Protection Law and appointed a Data Protection Commission to oversee the DIFC. "The Data Protection Law, which has been amended following a period of public consultation, ensures...
Tags:
awareness and training
data protection law
dubai
government
information security
IT compliance
outsourcing
policies and procedures
privacy
Posted by Rebecca Herold on January 11, 2007 9:08 AM
12 Privacy-Impacting U.S. Federal Bills Introduced on January 4
On January 4th the 110th U.S. congress convened for the first time, and they did not waste any time introducing many new bills. 12 of them have privacy impacts. You can find more information about each of these at the...
Tags:
awareness and training
data protection law
education
employment
government
information security
internet
IT compliance
privacy
social security numbers
surveillance
telecommunications
travel
Posted by Rebecca Herold on January 10, 2007 10:33 AM
Demystifying Privacy Laws: What You Need to Know to Protect Your Business
We are undergoing a data protection renaissance. New laws have considerably expanded corporate obligations regarding security and privacy for information in all forms. A significant obligation of the laws is applicable to basically all organizations; the duty to provide reasonable...
Tags:
awareness and training
corporate governance
data protection law
government
information security
IT compliance
podcast
privacy
privacy law
Posted by Rebecca Herold on June 30, 2006 1:17 PM
Site Tags
Site tags used on this blog:
- 2007 Global Security Survey (1)
- 2007 Year in Review (1)
- 21 CFR Part 11 (1)
- 4th of July (1)
- 5th Amendment (1)
- 9/11 (1)
- AB 211 (1)
- AB1298 (1)
- ABC News (1)
- ABC World News (1)
- ABN Amro (1)
- access control (3)
- access controls (2)
- AccuSearch (1)
- ACLU (1)
- ACUS (1)
- ADA (1)
- adam dodge (1)
- ADT (1)
- adult education (1)
- Adultfriendfinder (1)
- adware (1)
- AEPD (1)
- Aetna (1)
- AFL-CIO (1)
- AHIMA (1)
- Alarm King (1)
- Aleecia McDonald (1)
- Alert (1)
- Alycia Lane (2)
- Amazon (1)
- ambient technology (2)
- American Red Cross (1)
- American United Mortgage Company (1)
- Ameriprise (1)
- Ameriquest (1)
- Analysis Corp (1)
- anatomy of a privacy breach (2)
- Andrea Smith (1)
- Andrew Aguecheek (1)
- Andrew Hay (1)
- Andy Lin (1)
- andyitguy (1)
- anonymity (1)
- Anton Chuvakin (4)
- Anyck Turgeon (1)
- AOL (1)
- APEC (1)
- application security (3)
- application standards (1)
- applications security (1)
- Arizona (1)
- ASIS (1)
- Ask.com (1)
- Astroglide (1)
- Athens-Chilesburg Elementary School (1)
- ATM (1)
- audit logs (1)
- auditors (1)
- audits (1)
- Aurora (1)
- australia (1)
- Australia (2)
- authentication (4)
- Authorities Principles of Business (1)
- automated voice response systems (1)
- awareness (1)
- Awareness Advisor (1)
- awareness and training (796)
- awareness communications (1)
- baby monitor (1)
- Back From Vacation (1)
- background checks (1)
- backup (2)
- backup tapes (1)
- backups (1)
- Bahamas (1)
- Bank Of New York (1)
- bank security (1)
- Bankinfosecurity (1)
- bankinfosecurity (3)
- barack obama (1)
- Barack Obama (8)
- Barracuda Networks (1)
- bartok (1)
- BCAW (1)
- BCP (3)
- BCRs (1)
- behavioral advertising (2)
- behaviorial advertising (1)
- Ben Rothke (1)
- Berger Devine Yaeger (1)
- BeSafe (1)
- Best Buy (1)
- best practices (1)
- best privacy advisers (1)
- Beth Isreal (1)
- Better Business Bureau (2)
- Beye (1)
- Bill Gates (2)
- bill gates (1)
- Bill Richardson (1)
- billingworld (1)
- binding corporate rules (1)
- biobanking (1)
- biometrics (3)
- bird flu (1)
- BitTorrent (1)
- blackberry (1)
- BlackBerry security (1)
- blog (1)
- Blue Cross Blue Shield (1)
- Blue Cross/Blue Shield (1)
- BNAC (1)
- Boeing (1)
- botnet (2)
- Boucher (1)
- Bozeman (1)
- breach (1)
- breach law (17)
- breach notice (3)
- breach notice law (6)
- breach notice laws (2)
- breach notification (17)
- breach response (22)
- breach response law (1)
- breach response plan (1)
- breathalyzer (1)
- Brian Honan (2)
- Britney Spears (2)
- brokerage (1)
- BS 8470:2006 (2)
- BSA (4)
- BSI Management Systems (2)
- Bunneli (1)
- Bunnell (1)
- business associates (1)
- business continuity (4)
- Business Continuity Awareness Week (1)
- business continuity planning (1)
- business networking (1)
- business partner security review (1)
- business privacy (1)
- business recovery (1)
- Business Wire (1)
- call center training (4)
- call records (1)
- CAN-SPAM (3)
- capital 106.3 (1)
- carbon dioxide reduction (1)
- CardSystems (1)
- career (1)
- carnegie mellon (6)
- Carnegie Mellon (2)
- Carnegie Mellon University (1)
- case studies (1)
- Catskill Regional Medical Center (1)
- Catsouras (1)
- CBK (1)
- CCTV (1)
- cell phone (2)
- cell phone security (2)
- cell phones (1)
- Center for Democracy and Technology (1)
- Center for Strategic and International Studies (1)
- Central Coast Security (1)
- CENTRAL LABORERS’ PENSION FUND (1)
- Cerner (1)
- CERT (1)
- certified email (1)
- certify (3)
- change controls (1)
- Charles E. Ramos (1)
- Charles W. Courtney (1)
- check processing (1)
- Chet Culver (1)
- Chicago (1)
- children (1)
- children's privacy (1)
- China (1)
- Choicepoint (1)
- Chris Grillo (1)
- Christine Beatty (1)
- Christmas (1)
- Christophe Veltsos (1)
- Chukwemeka Felix Iroh (1)
- CIPA (1)
- CISP (1)
- CISSP (1)
- civil actions (2)
- civil suit (1)
- click wrap contract (1)
- cloud computing (2)
- CMDB (1)
- CMS (17)
- CMSU (1)
- CMU (3)
- CNIL (3)
- CNN (7)
- Columbia Pictures (2)
- common criteria (1)
- communication (2)
- compliance (10)
- compliance penalty (1)
- compliant (3)
- computer breach (1)
- computer crime (8)
- computer disposal (2)
- computer forensics (2)
- computer history (2)
- computer logs (1)
- Computerworld (2)
- conference discount (3)
- congress (2)
- Congressional Gold Medal (1)
- Connecticut (1)
- Constitution Project (1)
- Consumer Action (1)
- Consumer Federation of America (1)
- consumer fraud (2)
- contract (1)
- convictions (1)
- cookies (1)
- COPP (1)
- COPPA (2)
- copyrights (1)
- corporate communications (1)
- corporate governance (34)
- COSO (1)
- court decision (1)
- court ruling (1)
- Cox Communications (1)
- Craftmatic (1)
- Craigslist (1)
- credit card fraud (1)
- credit card security (2)
- credit reporting (1)
- credit reports (4)
- crickets (1)
- criminal checks (1)
- crminal (1)
- cross border data flow (4)
- CSI (10)
- CSIRT (1)
- CSIS (1)
- CUNA Mutual (1)
- customer privacy (8)
- customer service (2)
- customer service training (1)
- customer trust (1)
- Cutaway (1)
- Cutter Consortium (1)
- CVS (1)
- cyber crime (1)
- Cyber Promotions (1)
- cyber security (1)
- Cyber-Defense Competition (1)
- cyberattack (1)
- cybercrime (32)
- cybercriminal (1)
- cybercriminals (2)
- cyberdefense (1)
- CyberDefense Competition (1)
- cyberfraud (3)
- cybersecurity (2)
- cyberstreetsmart (1)
- cylab (3)
- CyLab (1)
- Dan Swanson (1)
- Dan York (1)
- Daniel A. Green (1)
- Daniel J. Solove (1)
- Dark Reading (1)
- data (1)
- data accuracy (2)
- data backup (1)
- data breach (3)
- data disposal (8)
- data leakage (6)
- data loss (6)
- data masking (2)
- data mining (9)
- data pollution (1)
- data privacy day (3)
- Data Privacy Day (3)
- data protection (21)
- Data Protection Act (2)
- data protection law (12)
- data retention (7)
- data safeguard standards (1)
- database security (1)
- Davi Ottenheimer (1)
- David Lynas (1)
- de-identification (1)
- death threat (1)
- deceased (1)
- defamation (1)
- Defcon (1)
- degauss (1)
- deidentifying data (1)
- Dell (1)
- Deloitte (1)
- DeMint (1)
- democrats (4)
- denial of service (1)
- Department of Commerce (2)
- Department of Defense (1)
- Department of Education (1)
- Department of Energy (1)
- department of homeland security (2)
- Department of Homeland Security (2)
- Department of Labor (1)
- Department of Revenue Services (1)
- department of transportation (1)
- Des Moines Register (3)
- DHS (11)
- DHS EBK (1)
- dial-up access (1)
- dialup (1)
- Didier Stevens (1)
- Direct Revenue (1)
- disaster plan (1)
- disaster recovery (6)
- disposal (8)
- disposal rule (3)
- Disposal Rule (2)
- DNA (1)
- Do Not Call (2)
- do not call (1)
- Do Not Call Registry (1)
- Do Not Track List (1)
- DoD (1)
- Dodd (1)
- DOE (1)
- Dogster (1)
- DoJ (2)
- DOJ (1)
- domain name (3)
- Donald Kerr (1)
- Dongfan Chung (1)
- Donn Parker (1)
- Doug Jacobson (1)
- DPPA (1)
- DR (1)
- Dr. Katina Michael (2)
- Dr. Michael G. Michael (2)
- Dr. W. Norman Scott (1)
- Drew Peterson (1)
- Droitwich (1)
- DRP (1)
- drug bust (1)
- drunken hacking (1)
- DSS (1)
- dubai (1)
- due diligence (1)
- dumb robbers (1)
- dumpster diving (3)
- e-discovery (4)
- e-mail (7)
- EC (1)
- ecommerce security (1)
- Eden Prairie (1)
- education (2)
- EFIOA (1)
- EHR (1)
- electronic discovery (2)
- Electronic Frontier Foundation (1)
- electronic health records (1)
- Eliot Spitzer (1)
- Elliot Spitzer (1)
- email (9)
- email communications (1)
- email incident (3)
- email mistakes (1)
- email monitoring (1)
- email privacy (1)
- email retention (1)
- email security (14)
- emergency management (2)
- emergency planning (1)
- Emily Hoelscher (1)
- employee law (1)
- employee privacy (14)
- employee screening (1)
- employee termination procedures (2)
- employee tracking (1)
- employment (1)
- employment issues (1)
- encrypt (5)
- encryption (47)
- encryption law (1)
- ENISA (2)
- enryption (2)
- epa (1)
- ethical hacker (1)
- ethics (4)
- EU (1)
- EU Data Protection Directive (8)
- EU e-Privacy Directive (1)
- EULA (2)
- Europe (1)
- European Commission (1)
- European Network and Information Security Agency (1)
- European Union (4)
- Executive Order 13478 (1)
- express consent (1)
- Express Scripts (1)
- extortion (2)
- Facebook (4)
- facebook (7)
- FACTA (11)
- FAF (1)
- Fair Labor Standards Act (1)
- Faith Heikkila (1)
- False Claims Act (2)
- FARC (1)
- FASB (1)
- FBI (6)
- FBI IDW (1)
- FCC (1)
- FCRA (7)
- FDIC (4)
- federal reserve (1)
- Federal Reserve Act (1)
- Federal Reserve Bank (1)
- Federal Reserve Board (1)
- Federal Trade Commission (1)
- FEI (2)
- Feinstein (1)
- FERPA (5)
- FFIEC (2)
- fireworks (1)
- FISA (2)
- FISA Amendments Act of 2008 (1)
- FISSEA (1)
- FLSA (1)
- FMLA (1)
- FOIA (2)
- Foreign Intelligence Surveillance Act (2)
- Fortune (1)
- Fourth of July (1)
- FPA (1)
- France (3)
- Francis Ford Coppola (1)
- fraud (1)
- Fred Hayes (1)
- free training (1)
- French (1)
- FSA (1)
- FTC (49)
- FTC Act (12)
- FTC ruling (1)
- Gal Shpantzer (1)
- GAO (2)
- Gary Hinson (2)
- Gavin Newsom (1)
- genetic data (1)
- genetic privacy (1)
- George Bush (1)
- George Clooney (2)
- GINA Law (1)
- GLBA (9)
- Global Crossing (1)
- Global Mortgage Funding (1)
- global security week (2)
- Global Security Week (10)
- Goodmail (1)
- google (1)
- Google (5)
- Google Apps (1)
- Google Chrome (1)
- Google Health (1)
- Google street view (1)
- Google streetview (1)
- Google walking directions (2)
- governance (1)
- government (70)
- government surveillance (1)
- GPO (1)
- GPS (1)
- GPS tracking (1)
- Gramm Leach Bliley (1)
- Gramm Leach Bliley Act (1)
- Gregg William Bergersen (1)
- grillo (1)
- Grillo (3)
- Guardian Communications (1)
- hacker (9)
- hacker safe (1)
- hacker safe seal (1)
- hackers (4)
- hacking (1)
- harp (1)
- HCPro (1)
- health data privacy (2)
- health insurance portability and accountability act (6)
- Health Insurance Portability and Accountability Act (4)
- Health Net (1)
- healthcare (1)
- healthcare security (1)
- HealthVault (1)
- Healtvault (1)
- Herb Kohl (1)
- HERBERT ALLEN (1)
- HHS (31)
- Hillary Clinton (2)
- hillary clinton (1)
- hipaa (1)
- HIPAA (106)
- HIPAA enforcement (1)
- HIPAA sanction (1)
- HITECH (7)
- HITECH Act (25)
- hitech act (1)
- holiday (1)
- home office (1)
- Homeland Security (1)
- Homeland Stupidity (1)
- honey stick (1)
- Horizon (1)
- Hospital Sisters of the Third Order of St. Francis (1)
- hot jobs (1)
- Howard Dean (1)
- Howie Day (1)
- HR (1)
- HSPD-12 (1)
- humor (1)
- I-9 documents (1)
- I-9 forms (1)
- IAPP (4)
- ICANN (1)
- iconix (1)
- ID theft (3)
- identity fraud (6)
- identity management (2)
- identity theft (49)
- identity theft insurance (1)
- Identity Theft Prevention Program (2)
- identity verification (2)
- Ifeyhewen Badidi (1)
- Illegal Immigration Reform and Immigrant Responsibility Act of 1996 (1)
- IM (2)
- IM security (2)
- image spam (2)
- implied consent (2)
- inauguration (1)
- incident (1)
- incident response (2)
- income tax (1)
- Independence Day (1)
- information assurance (6)
- information classification (1)
- information disposal (2)
- information reclamation (1)
- information security (794)
- information security and privacy collaboration (1)
- information security and privacy convergence (2)
- information security policies (6)
- information security profession (1)
- information security study (1)
- Information Shield (1)
- infosecblog (1)
- Infragard (3)
- ingestible bugs (1)
- insider threat (48)
- instant messaging (5)
- Institute of Medicine (1)
- insurance (1)
- INTEGRATED ELECTRICAL SERVICES INC (1)
- intellectual property (3)
- International Association of Privacy Professionals (1)
- international data transfer (1)
- international space station (1)
- International Trade Commission (1)
- internet (1)
- Internet (1)
- Internet history (1)
- Internet Safety Night (1)
- Internet security (2)
- Internet use (2)
- intrusion detection (1)
- invasion of privacy (1)
- IOM (1)
- Iowa (4)
- iowa anti-spam law (1)
- iowa anti-spoof law (1)
- Iowa caucus (4)
- Iowa law (3)
- Iowa ruling (1)
- Iowa State Fair (1)
- Iowa State University (2)
- IowaLandRecords.org (1)
- IP address (1)
- ipod (1)
- ipod security (1)
- IRS (2)
- Irving Escobar (1)
- ISACA (3)
- ISMS (4)
- ISO 27001 (3)
- ISO 27001 certification (3)
- ISO 27002 (1)
- ISO/IEC 17799:2005 (1)
- ISO/IEC 27002 (1)
- ISO/IEC 27005:2008 (1)
- ISSA (1)
- IT (1)
- IT audit (1)
- IT compliance (790)
- IT Compliance (1)
- it compliance (1)
- IT Compliance in Realtime (4)
- IT Compliance in Realtime Journal (1)
- IT Compliance Institute (1)
- IT compliance privacy (1)
- IT security (1)
- IT security Essential Body of Knowledge (1)
- IT security training (1)
- IT training (270)
- ITIL (2)
- ITRC breach report (1)
- itunes (1)
- Ivinson Memorial Hospital (2)
- jail time (1)
- James M. DiBlasio (1)
- Japan (1)
- Jason Fortuny (1)
- Jason Purslow (1)
- Jay Cline (1)
- Jay Meckenstock (2)
- Jeffrey B. Goodin (1)
- JEFFREY PUGH (1)
- Jerry Miller (1)
- job opportunity (1)
- jody westby (1)
- Joe Lindstrom (1)
- John Boehner (1)
- John Brandon (2)
- John DiMaria (2)
- John Edwards (1)
- john mccain (1)
- John McCain (1)
- John Snyder (1)
- Johseph Nathaniel Harris (1)
- judgment (1)
- Justin Peltier (1)
- Karen Curtis (1)
- Katrina (1)
- Kelly Sonora (1)
- Kentucky (1)
- kernell (1)
- Kevin Beaver (3)
- key logger (1)
- keylogger (1)
- kramer (1)
- Kwame Kilpatrick (1)
- Kyoung Suk Kim (1)
- KYW-TV (1)
- Lamont Wallace (1)
- laptop incident (1)
- laptop loss (1)
- laptop security (4)
- laptop theft (18)
- laptops (1)
- Larry Craig (1)
- Larry Mendte (2)
- Larry Ponemon (1)
- Latanya Sweeney (1)
- Latitude (1)
- Laurie Young (1)
- law (3)
- law enforcement (2)
- laws (1)
- lawsuit (1)
- leadership (1)
- Leahy (1)
- legal contracts (1)
- legislation (2)
- Lending Tree (1)
- Leonardo Cervera (1)
- Leslie A. Howell (2)
- Leslie Howell (1)
- license agreement (1)
- life is good (1)
- Lime Wire (1)
- Linda McGlasson (1)
- LinkedIn (5)
- lithium batteries (1)
- Live Earth (2)
- locational privacy (1)
- log compliance (1)
- log management (6)
- logging (5)
- logic bomb (2)
- logs (5)
- logs review (1)
- Lorrie Faith Cranor (1)
- lost and found (1)
- lost laptop (3)
- lost laptops (1)
- Maine (1)
- malicious software (1)
- malware (5)
- Marc Groman (1)
- Marie Cooley (1)
- Mark Jacobs (1)
- marketing (1)
- Martin McKeay (1)
- Maryland (1)
- Massachusetts (1)
- Massachusetts law (2)
- massachusetts privacy law (1)
- MBTA (1)
- McCain (1)
- McDonald's (1)
- McKee Clinic (1)
- Medco (1)
- medical identity theft (8)
- MedicAlert (1)
- meditech (1)
- meetings (1)
- memorial day (1)
- Merrick Bank (1)
- messaging privacy (4)
- messaging risks (1)
- messaging security (8)
- messaging technology (1)
- MetaBank (1)
- metadata (1)
- Metropolitan Sewer District (1)
- Michael Chertoff (1)
- Michael Mauro (1)
- Michael Mimitruk (1)
- Michael Santarcangelo (1)
- Michigan (1)
- micro-blog (1)
- microsoft (1)
- Microsoft (6)
- Mike Brennan (1)
- Minnesota (2)
- miracle wheat (1)
- miscellaneous (2)
- Missouri (1)
- Missouri Department of Revenue (1)
- MIT (1)
- mobile computer security (1)
- mobile computing (7)
- mobile computing risks (4)
- mobile security (2)
- mobile working (1)
- monitoring (6)
- MOREnet (1)
- Morrissey (1)
- Mother's Day (1)
- mp3 (1)
- MPAA (2)
- MSIA (3)
- multi-factor authentication (1)
- music (1)
- myspace (5)
- MySpace (3)
- Myspace (1)
- mytechnologylawyer (1)
- NAI (1)
- nanotechnology (1)
- NASA (1)
- National Consumer Protection Week (1)
- National Identity Fraud Prevention Week (1)
- national intelligence (1)
- National Security Letters (3)
- Naval Research Laboratory (1)
- NetSec (1)
- Network Advertising Initiative (1)
- Network Systems Architects (1)
- Nevada (3)
- New York (1)
- new york attorney general (1)
- New York Supreme Court (1)
- New Zealand (1)
- NHLBI (1)
- Nicole Lanae Stevenson (2)
- Niedermeier (1)
- NISSAN (1)
- NIST (8)
- NISTIR (1)
- NISTIR 7628 (2)
- Nith Circuit (1)
- NLRB (1)
- no match letter (1)
- no match rule (1)
- noncompliance penalty (2)
- Norman Borlaug (1)
- Northeastern University (1)
- Norwich (2)
- Norwich Union Life (1)
- Norwich University (1)
- NRS 597.970 (1)
- NSA (4)
- nucleus research (1)
- nymity (1)
- Nymity (1)
- Obama (2)
- OCC (1)
- OCR (15)
- ODNI (1)
- oecd (1)
- OECD (2)
- OECD privacy principles (1)
- OESS (1)
- Office of Personnel Management (1)
- Ohio (2)
- Ohio Department of Administrative Services (1)
- OIG (1)
- OMB (1)
- One Laptop Per Child (1)
- online scams (1)
- Ontario Police Department (1)
- Opt-in (1)
- opt-out (1)
- orkut (1)
- OTS (2)
- outsourcing (3)
- outsourcing risks (2)
- outsourcing security (1)
- P2P (1)
- P2P security (1)
- PA-DSS (1)
- Pakistan (1)
- Palin (1)
- Palisades Medical Center (1)
- Panda Security (1)
- pandemic (2)
- Pandora's box (1)
- Paris Hilton (1)
- passport-gate (2)
- passports (1)
- password security (1)
- passwords (2)
- patient information (1)
- patient privacy (57)
- patient privacyimpact assessment (1)
- patient security (1)
- Patriot Act (3)
- Paula Abdul (1)
- PCAOB (1)
- PCI (6)
- PCI DSS (14)
- PCI Security Standards Council (1)
- PDF (1)
- Peak: How Great Companies Get Their Mojo from Maslow (1)
- peggy whitson (1)
- penetration test (2)
- perez (1)
- personal (2)
- personal data breach (6)
- personal data protection (2)
- personal information (3)
- personal information breach (1)
- personal information incident (1)
- personal information privacy (2)
- personal information protection (2)
- personal privacy (15)
- personally (1)
- personally identifiable informatio (1)
- personally identifiable information (91)
- Peter Tippett (1)
- PETs (1)
- PGP (2)
- PHI (18)
- Phil Bredesen (1)
- phishing (13)
- phone calls (1)
- PHR (3)
- PIA (12)
- Piedmont Hospital (3)
- PII (118)
- PII personally identifiable informaton (1)
- PIPEDA (1)
- Planet PDF (1)
- podcast (8)
- police (1)
- police scanner (1)
- policies and (2)
- policies and procedures (743)
- politics (1)
- ponemon (1)
- Ponemon Institute (3)
- Ponemon study (1)
- Popular Science (2)
- popup marketing (1)
- Portugal privacy law (1)
- Premier Capital (1)
- pretexting (2)
- PricewaterhouseCoopers (3)
- privacy (429)
- Privacy Act (1)
- Privacy Activism (1)
- privacy and security Week (1)
- Privacy Award (1)
- privacy awareness (20)
- privacy bills (3)
- privacy bird (1)
- privacy breach (94)
- privacy breach notice laws (2)
- privacy breach notifications (1)
- privacy breach response (1)
- privacy breach response plan (1)
- privacy breach study (1)
- privacy breaches (3)
- privacy commissioner (1)
- privacy compliance (7)
- privacy enhancing technologies (1)
- privacy experts (1)
- privacy framework (1)
- privacy impact assessment (12)
- privacy impact calculator (1)
- privacy incident (29)
- privacy incidents (1)
- privacy issues (1)
- Privacy Journal (1)
- privacy law (32)
- privacy management (1)
- privacy management toolkit (1)
- privacy ombudsman (1)
- privacy policies (2)
- privacy policy (47)
- privacy policy change (1)
- privacy poll (2)
- privacy principles (4)
- privacy professor (1)
- Privacy Rights Clearinghouse (1)
- privacy rule (16)
- Privacy Rule (6)
- privacy studies (1)
- privacy study (1)
- privacy survey (1)
- privacy tools (2)
- privacy training (315)
- privacyprof (2)
- program changes (1)
- protected health information (3)
- Protecting Information (5)
- protecting information (4)
- Providence Health & Services (1)
- Public Information Research (1)
- public schools (1)
- publicdata.com (1)
- PwC (3)
- QSA (3)
- Raelyn Campbell (1)
- ransomware (1)
- Ray Kaplan (1)
- RBS Worldpay (1)
- REAL ID (2)
- Red Flags Rule (4)
- Red Flags rule (1)
- Red Flags Rules (1)
- registration redemption (3)
- Regulation S-P (1)
- regulatory compliance (27)
- regulatory enforcement (1)
- Remberto Sarmiento (1)
- remote computing (1)
- republicans (4)
- Republicans (1)
- reputation (1)
- research data (1)
- retail security (1)
- retention (2)
- retention law (1)
- RFID (3)
- Rhode Island Hospital (1)
- Richard Ellis Smith (1)
- richard power (1)
- Richard Power (2)
- Richard Swart (1)
- Richard Thomas (1)
- risk (8)
- risk management (575)
- risk management. data loss (1)
- running (2)
- Ryan Sherstobitoff (1)
- Safe Harbor (2)
- safecode (1)
- Safeguards Rule (4)
- Safer Internet Day (1)
- SAI Global (1)
- Samuel Bodman (1)
- San Jose Medical Group (1)
- sanction (1)
- sanctions (1)
- Santa (2)
- Sarah Palin (1)
- Sarbanes Oxley (8)
- saturday night live (1)
- Saudi Arabia (1)
- Savvis (1)
- SB 227 (1)
- SB 347 (1)
- SB 541 (1)
- SB1386 (1)
- SC Magazine (2)
- Schumer (1)
- sciarrone (1)
- science (1)
- Scientific American (1)
- Scott Charney (1)
- Scott Draughon (1)
- Scott Wright (1)
- scott wright (2)
- SDLC (9)
- search engines (1)
- SEC (2)
- Section 404 (6)
- Secure 360 (1)
- secure applications (2)
- Secure Your ID Day (2)
- security (4)
- security and privacy collaboration (2)
- security and privacy convergence (1)
- security awareness (163)
- security benchmark (1)
- Security Catalyst (1)
- security certification (1)
- security controls (1)
- security incident (3)
- Security Insider (1)
- security law (6)
- security podcast (1)
- security policies (1)
- security policy (1)
- security poll (2)
- security risk (23)
- security roundtable (1)
- Security Rule (3)
- security rule (13)
- security sanctions (2)
- security software (2)
- security survey (1)
- security testing (1)
- security tools (2)
- security training (485)
- security vendor (1)
- security vendors (1)
- separation of duties (1)
- service level agreements (1)
- Shadowsoft (1)
- Shane Kelly (1)
- Shirk (1)
- shoes (1)
- Shon Harris (1)
- shredding (1)
- SID (1)
- SIIA (1)
- SIM cards (1)
- Simbaqueba Bonilla (1)
- smart card (1)
- Smart Grid (5)
- Smart Meter (2)
- SmartGrid (4)
- smartphone security (1)
- SMB (4)
- SMB security (3)
- SMBs (4)
- social (2)
- social engineering (14)
- social network (2)
- social network security (1)
- social networking (7)
- social networking safety (1)
- social networking sites (1)
- social networks (1)
- social psychology (1)
- social security administration (1)
- social security number (11)
- social security numbers (5)
- software certification (1)
- software licensing (3)
- software pirating (1)
- software quality assurance (1)
- software security (1)
- SOX (9)
- SP 800-122 (1)
- space shuttle (1)
- Spain (1)
- spam (8)
- spam law (1)
- Speaker (2)
- speaking (1)
- spoofing (1)
- spy (1)
- spyware (3)
- SSA (2)
- SSN (13)
- SSNs (1)
- stamps (1)
- standards (1)
- Stanley Inc (1)
- Starbucks (1)
- state breach notice laws (1)
- state data protection law (3)
- state employment law (1)
- state law (1)
- Steven E. Hutchins Architects (1)
- Steven William Sutcliffe (1)
- stolen computer (3)
- stolen laptop (10)
- stolen laptops (3)
- stolen mail (1)
- storage (1)
- Streetwise Security Coach (1)
- streetwise security zone (1)
- supreme court (1)
- surveillance (26)
- Swift (2)
- Symantec (1)
- systems development (3)
- T-Mobile (1)
- Talk America (1)
- taxpayer identification number (1)
- technology (1)
- telecommunications (1)
- telemarketer (1)
- teleworking (1)
- Tennessee (1)
- terms of use (1)
- terrorist (2)
- Terry Childs (1)
- Texas Credit Services Organizations Act (1)
- Texas Deceptive Trade Practices Act (1)
- Texas EZPAwn (1)
- Texas Identity Theft Enforcement and Protection Act (1)
- text message security (2)
- text messages (2)
- texting (1)
- The Consulting Association (1)
- The Economist Intelligence Unit (1)
- The Office (1)
- theft (1)
- third party security (4)
- this day in history (1)
- TJX (2)
- TJX breach (1)
- Toby Levin (1)
- Tom Peltier (1)
- Top 50 Security Blogs (1)
- topless meetings (1)
- Torrentspy (1)
- trademarks (1)
- training (2)
- travel (1)
- travel safety (1)
- travel security (1)
- Tri-West (1)
- trust (3)
- truste (1)
- TRUSTe (1)
- twitter (4)
- Twitter (5)
- U.K. Data Protection Act (1)
- U.K. ICO (1)
- U.S. (1)
- U.S. Citizenship and Immigration Services (1)
- U.S. law (1)
- U.S. president (1)
- U.S. president vote voting privacy voting security (1)
- U.S. State Department (1)
- uberveillance (3)
- ubiquitous computing (1)
- UC Berkeley (2)
- UCLA Medical Center (1)
- UCM (1)
- United Airlines (1)
- United Kingdom (1)
- University of Iowa (1)
- University of Tennessee at Knoxville (1)
- University Toolkit (2)
- URAC (1)
- Urbandale (1)
- US-CERT (1)
- USA PATRIOT Act (3)
- USA SAFE WEB Act (1)
- VA (1)
- VA incident (2)
- VA privacy breach (1)
- Various Inc. (1)
- vendor management (1)
- vendor risks (1)
- vendor security assessment (1)
- vendor security management (1)
- Verisign (1)
- Vermont (1)
- Veterans Affairs (1)
- Victor Papagno (1)
- Victoria's Secret (1)
- Villanova incident (1)
- virtual worlds (1)
- virus (1)
- Visa (1)
- vishing (1)
- voice mail (1)
- voice recognition (1)
- vote (1)
- voting privacy (1)
- voting security (1)
- VSAC (1)
- vulnerability assessment (1)
- Wal-Mart (2)
- wardriving (1)
- web 2.0 (2)
- Web 2.0 (2)
- web bugs (2)
- webcasts (1)
- Websense (1)
- website privacy policies (1)
- West Des Moines (1)
- white house (1)
- whitehouse (1)
- Wii (1)
- William Bryant (1)
- WILLIAM REYNOLDS (1)
- Windows Vista (1)
- Windows XP (1)
- wired (1)
- Wired (1)
- wireless hack (1)
- wireless security (5)
- Worcs (1)
- work from home (1)
- workplace privacy (1)
- World Privacy Forum (2)
- Yahoo (1)
- YouTube (5)
- Zappos (1)
- Zhivargo Laing (1)