Blog Posts Tagged with "PII"
May 10, 2012 Added by:Marc Quibell
Here's the problem - too many people have too much information about you, stored in or on who-knows-what, and who-knows-where. The risks of having your identity stolen and used are astronomical. All it requires is someone on the receiving end putting it all together...
March 01, 2012 Added by:Danny Lieberman
The first step in protecting customer data is to know what sensitive data you store, classify what you have and set up the appropriate controls. Here is a policy for any merchant or payment processor who wants to achieve and sustain PCI DSS 2.0 compliance and protect data...
January 19, 2012 Added by:Headlines
WOMMA applauds the FTC's efforts at making transparency a key point. While it is not yet clear what effect these developments have had on the online marketing industry - we appreciate the agency's efforts to allow industry leaders to develop self-regulatory initiatives...
December 14, 2011 Added by:Christopher Burgess
Have we now arrived at the point in obtaining medical care that in addition to looking into the medical practitioner's experience and confirming they are compliant with HIPAA, that we now must review their data handling policies before choosing a health care provider?
July 20, 2011 Added by:Kelly Colgan
In order to sign up for identity theft protection services, you have to hand over a lot of vital data about yourself. Do you really want to give this to a company you’ve never done business with before—especially one that’s offering you something for free?
May 24, 2011 Added by:Danny Lieberman
How much damage would be incurred if there was a breach? For the purpose of asset valuation, we distinguish between customer data without PII and customer data that may have PII. Let’s consider 4 key assets of a company that designs and manufactures widgets and sells them over the Internet...
May 14, 2011 Added by:Danny Lieberman
Humans are naturally curious and always worried when it comes to the health condition of friends and family. HIPAA risk and compliance assessments at hospitals in Israel, the US and Australia consistently show that the number one attack vector on PHI is friends and family, not hackers...
March 18, 2011 Added by:Andrew Weidenhamer
If you don’t know what processes take PII, you don't know what type of PII you are taking. If you don’t know what PII you are taking, then you don’t know what regulations to adhere to. If you do not know what regulations you need to adhere to, then you will not know what controls are required...
March 14, 2011 Added by:David Navetta
Privacy-related lawsuits are on the rise, and this time Amazon.com is the target. On March 2, 2011, two named plaintiffs filed a class-action lawsuit alleging that Amazon circumvents browser privacy settings to collect users’ personal information without permission and shares the information with third parties...
February 24, 2011 Added by:David Navetta
Thinking hard about how business and consumer interests can be harmonized by effective and privacy/security-friendly policies and practices? We thought so. Worried that zip codes might be treated as personal information in this country? Probably not. All that may be changing...
January 20, 2011 Added by:Stephen Gantz
Informational privacy seems like a good idea – wherefore the People have enacted laws at the federal level and in the states restricting the government’s collection and use of information. But it is up to the People to enact those laws, to shape them, and to repeal them...
January 14, 2011 Added by:Danny Lieberman
Many consultants tell businesses that they must perform a detailed business process analysis and build data flow diagrams of data and business processes. This is an expensive task to execute and extremely difficult to maintain that can require a large quantity of billable hours...
December 26, 2010 Added by:Rebecca Herold
The component that brings the most vulnerability to all forms of information is still the same as it has been for not only the past few years, but also the past few centuries: humans. But sadly, this component is woefully ignored and neglected when it comes to security and privacy in most organizations...
December 17, 2010 Added by:David Navetta
In this part of our review, and in following parts, we dig into the specifics of the Report's proposed framework, with an eye to examining rationales for the various proposals as well as analysis on the potential effects going forward on practices and data policies...