Posts about Data Security by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
by Daniel J. Solove Are privacy and security laws being enforced effectively? This post is post #4 of a series called Enforcing Privacy and Security Laws. The Health Insurance Portability and Accountability Act (HIPAA) regulations govern health information maintained by various entities covered by HIPAA (“covered entities”) and other organizations that receive health information from […]
by Daniel J. Solove After Apple announced that it wouldn’t provide law enforcement with an easy back door to access data on people’s devices, we heard loud whining coming from the FBI and various security proponents that this would be bad for security.
by Daniel J. Solove Last week, I gave a keynote address at a conference called Safeguarding Health Information: Building Assurance through HIPAA Security, sponsored by the National Institute of Standards and Technology (NIST) and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR). I’d like to summarize my remarks here for […]
by Daniel J. Solove The FTC held a workshop this Monday about Big Data. The term “Big Data” is used everywhere these days, and depending upon who is talking about it, Big Data is either the hippest thing in the world and the producer of miracles that will save the human race, or it is […]
by Daniel J. Solove If there’s a big data breach, the class action lawyers will start nipping like a bunch of hungry crocodiles. Upwards of forty separate lawsuits were filed against Target after its data breach, and one was filed the day after the breach became public knowledge. The law, however, has thus far been […]
by Daniel J. Solove According to a recent report by Enterprise Management Associates, 56% of employees are not receiving any sort of data security awareness training. This is a rather distressing statistic. It is particularly distressing because according to another study, “when specific employee behaviors are addressed in a meaningful way to bring about a […]
by Daniel J. Solove As I discussed in a previous post, the two key things that organizations can do to prevent data incidents can be summed up in a simple rhyme: The C-Suite must care The workforce must be aware In this post, I want to focus on the “C-Suite” – a term used […]
by Daniel J. Solove Recently, hackers from China stole 4.5 million records of patients from a hospital chain in Tennessee. Do you think that’s big? As a Bloomberg article notes, however,” they haven’t come close to entering the ranks of the biggest breaches of all time. In fact, they haven’t even cracked the top […]
by Daniel J. Solove We’re in the midst of a crisis in data protection. Billions of passwords stolen. . . Mammoth data breaches. . . Increasing threats. . . Malicious hackers . . .
by Daniel J. Solove It happens all the time. An organization has a privacy incident or data breach. The news stories proliferate. Cries of “shame on you” reverberate across the Internet. A number of organizations have an incident response plan, but they often don’t have much of a plan for PR. Certain incidents can take […]