Blog Posts Tagged with "Personally Identifiable Information"
I Hope Edo is Worth the Privacy Risk
May 16, 2012 Added by:Keith Mendoza
About a week ago, I read about this new daily deal service called edo that ties to your bank account, and the first thing that came to my mind is “uh oh, another attack vector into my bank info”. Here are a list of features that are those potential attack vectors...
Comments (0)
Where is My Information?!?!
May 11, 2012 Added by:Marc Quibell
Here's the problem - too many people have too much information about you, stored in or on who-knows-what, and who-knows-where. The risks of having your identity stolen and used are astronomical. All it requires is someone on the receiving end putting it all together...
Comments (0)
Healthcare Data and the (Private) Social Network
May 10, 2012 Added by:Danny Lieberman
Previously, we talked about the roles that trust, security and privacy play in online healthcare interactions. In this post we look at privacy challenges in social networks and describes how you can implement a private healthcare social network for without government regulation...
Comments (0)
Six Good Reasons to De-Identify Data
May 09, 2012 Added by:Rebecca Herold
Even though it sounds complicated there are many good methods you can use to accomplish de-identification. The great thing is, under many legal constructs de-identification is an acceptable way to use personal information for purposes beyond which the personal data was collected...
Comments (2)
Healthcare Data: I Trust You to Keep this Private
May 04, 2012 Added by:Danny Lieberman
In this article, Danny Lieberman talks about the roles that trust, security and privacy play in online healthcare interactions. At the end of the article, he introduces the idea of private social networking for healthcare – leaving the piece open for a sequel...
Comments (0)
On the Growth of Identity Theft
May 01, 2012 Added by:Pierluigi Paganini
It is clear that criminal organizations are devoting substantial resources in this sector. An increasing component of organized crime is specializing in this kind of activity characterized by high profits and low risks compared to traditional criminal activities...
Comments (2)
Encryption: Myths and Must Knows
April 12, 2012 Added by:Rebecca Herold
Small to medium sized businesses have legal obligations to protect sensitive information, such as personally identifiable information. Here are some of the common long-held myths related to encryption misconceptions...
Comments (0)
Data Breach Definitions, Costs and Security
April 12, 2012 Added by:Fergal Glynn
Companies that suffer a data breach lose more than just confidential information. Their reputation, productivity, and profitability can all be negatively impacted in the aftermath of even a single incident. The organization may face fines, civil or criminal prosecution...
Comments (0)
P2P File Sharing Security Concerns for Small Businesses
April 04, 2012 Added by:Robert Siciliano
In my own P2P security research, I have uncovered tax returns, student loan applications, credit reports and Social Security numbers. I’ve found family rosters which include usernames, passwords and Social Security numbers for entire family...
Comments (0)
NIST: Technical Guidance for Evaluating Electronic Health Records
April 03, 2012 Added by:Infosec Island Admin
“This guidance can be a useful tool for EHR developers to demonstrate that their systems don’t lead to use errors... It will provide a way for developers and evaluators to objectively assess how easy their EHR systems are to learn and operate, while maximizing efficiency...”
Comments (0)
Is a W-2 Considered PHI Under HIPAA?
March 26, 2012 Added by:Rebecca Herold
The question was framed as meaning the entire W-2 form was being “submitted” for financial assistance to pay for healthcare, so with this in mind, we will consider it as one document containing several information items that are necessarily grouped together...
Comments (0)
What do Credit Card Companies do with Your Personal Info?
March 23, 2012 Added by:Allan Pratt, MBA
The types of personal information companies collect and share depends on the product or service you get from them. This info can include: Social Security number and income, account balances and employment details, and credit history and transaction history...
Comments (0)
Hackers Target Social Media for Social Engineering Attacks
March 23, 2012 Added by:Dan Dieterle
Hackers are getting much better at their craft, and people are making it very easy for them. A Social Engineer will use information gathered about a person, place or business in specially crafted attacks that play on people’s thoughts, beliefs or emotions...
Comments (0)
Transborder Data Flows at Risk
March 22, 2012 Added by:David Navetta
The proliferation of comprehensive data privacy laws, more or less on the European model, increasingly requires US-based multinationals and online companies to adapt to strict requirements for dealing with individuals in other countries...
Comments (0)
ISA / ANSI: Financial Impact of Breached Health Information
March 20, 2012 Added by:Marjorie Morgan
Webinar participants will hear from industry experts who will highlight strategies for health care organizations and findings from the recently released report, The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security...
Comments (0)
It’s Back: March Madness Higher Education Data Breach Brackets
March 13, 2012 Added by:Alexander Rothacker
The method to our ‘Madness’ is simple – based solely on the number of reported records breached in 2011, we put together brackets. For each U.S.-based institution of higher learning that reported a data breach in 2011, we seeded (ranked) them based on number of records affected...
Comments (0)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR