Outsourcing Breach Response Lowers Costs

March 2, 2010 by ADMIN · 1 Comment

By Doug Pollack, Chief Marketing Officer for ID Experts

The Ponemon Institute last month released their 5th annual 2009 Annual Study: Cost of Data Breach. This year, the report explored several new areas and came up with some interesting and in some cases surprising conclusions…

Perplexities of Enterprise Privacy Policies

February 8, 2010 by ADMIN · Leave a Comment

By Rebecca Herold (The Privacy Professor) CIPP, CISSP, CISM, CISA, FLMI

An important consideration with information security incidents is identifying if personally identifiable information - PII - is involved. If it is, then the privacy breach response team needs to be put into action to determine whether or not an actual privacy breach occurred. I’m always interested in hearing the challenges and unique situations they run across as they not only create their plans, but also for how they execute them. Here are three of these situations, often overlooked and not planned for, but experienced by organizations.

On Managing Your Own Health Records

January 11, 2010 by ADMIN · 2 Comments

By Doug Pollack, Chief Marketing Officer for ID Experts

Microsoft HealthVault is designed to let us collect, store, and share health information critical to our family’s well-being and Google Health allows us to organize our health information all in one place, gather our medical records from doctors, hospitals, and pharmacies, and share our information securely with a family member, doctors or caregiver. For now, I probably won’t start trusting my medical history to either Microsoft or Google…

Healthcare Data Breaches Slow To Surface

December 2, 2009 by ADMIN · 2 Comments

By Doug Pollack, Chief Marketing Officer for ID Experts

The 2009 ITRC Breach Report had captured numerous healthcare data breaches since the September 23rd effective date for the HITECH Act. So, I’m perplexed as to why there aren’t any data breaches over 500 individuals yet listed by HHS. Surprisingly, there is nothing there.

SaaS and the Need for Enterprise Architecture

November 17, 2009 by ADMIN · Leave a Comment

Coby Royer, Technical Product Manager for Symplified

Acquisition and deployment of real solutions is now within grasp of business owners (seemingly) without the need for conventional IT delivery and support. But many questions may go unanswered without engagement of EA, and latent risks (such as compliance and security) may turn into real issues.

HITECH Act and Protecting Health Privacy

November 12, 2009 by ADMIN · Leave a Comment

By Doug Pollack, Chief Marketing Officer for ID Experts

These new regulations come at a time when healthcare breaches are on the rise; according to the 2009 ITRC Breach Stats Report healthcare breaches account for over 66 percent of all records breached this year, up from 20 percent in 2008. In fact, some of the largest names in healthcare suffered data breaches.

HIPAA and Video Surveillance of Surgery

November 9, 2009 by ADMIN · 1 Comment

By Rebecca Herold (The Privacy Professor) CIPP, CISSP, CISM, CISA, FLMI

A Rhode Island Hospital was fined $150,000 after a surgeon operated on the wrong finger of a patient, and now the hospital must install video cameras in all of its operating rooms. Of course video surveillance will not PREVENT such incidents from happening, but knowing such recordings are being made will likely make surgeons much more careful…

Everyday Life and the Expectation of Privacy

November 2, 2009 by ADMIN · 2 Comments

Coby Royer, Technical Product Manager for Symplified

Regardless of what you feel should or should not be private, we all have a right to set expectations that we trust will be met. And as technologists, we have the capability to improve the state of privacy in the face of technological advances that might otherwise undermine it. Privacy is not an Illusion, it is a challenge.

Report: Data Breaches Hike Fraud Risk 400%

November 1, 2009 by ADMIN · 3 Comments

By Doug Pollack, Chief Marketing Officer for ID Experts

This report should be heeded by those banks, health care organizations, government agencies, insurance companies and others that we entrust with our social security and checking account numbers, birth dates and mothers’ maiden names, and in some cases our personal health information.

PCI Compliance Does Not Equal Security

October 28, 2009 by ADMIN · 8 Comments

By Danny Lieberman, Security Expert and Founder of Software Associates

I recently saw an article entitled Compliance is the New Security Standard. The basic thesis of the blog post was that since companies have to spend money on compliance, they might as well spend the money once and rename the effort “security”. This is an interesting notion – although perhaps “placebo security” might be a cheaper approach. Compliance is not equivalent to security for several fundamental reasons…

Next Page »