PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Category: Portable Devices

Posts about Portable Devices by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.

HIPAA’s Long Arm — and Why It’s a Good Thing

Daniel Solove
Daniel Solove @danielsolove
Founder of TeachPrivacy
July 11, 2016

HIPAA Training

Recently, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its first resolution agreement and monetary penalty against a business associate (BA).

Continue Reading

Can the FBI Force Apple to Write Software to Weaken Its Software?

Daniel Solove
Daniel Solove @danielsolove
Founder of TeachPrivacy
February 18, 2016

Privacy Awareness TrainingA dramatic legal battle is taking place that will have dramatic implications for the future of technology, privacy, security, and the extent of government power.  The FBI obtained an order from a magistrate judge to force Apple to develop software to help the FBI break into an encrypted iPhone.

Continue Reading

Lessons from the Latest HIPAA Enforcement Action

Daniel Solove
Daniel Solove @danielsolove
Founder of TeachPrivacy
July 29, 2015

HIPAA Training OCR Enforcementby Daniel J. Solove

Recently, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) publicized its resolution agreement in its HIPAA enforcement action against St. Elizabeth’s Medical Center (SEMC).  SEMC agreed to pay $218,000.

The case began with a complaint filed with OCR back in 2012 that employees were sharing PHI of nearly 500 patients via an online sharing application without a risk analysis on such activities being undertaken.  OCR investigation found that the medical center “failed to timely identify and respond to the known security incident, mitigate the harmful effects of the security incident and document the security incident and its outcome.”

Continue Reading

Cybersecurity: Leviathan vs. Low-Hanging Fruit

Daniel Solove
Daniel Solove @danielsolove
Founder of TeachPrivacy
June 24, 2015

Data Security Training Low-Hanging Fruit

by Daniel J. Solove

There are certainly many hackers with sophisticated technical skills and potent malicious technologies.  These threats can seem akin to Leviathan — all powerful and insurmountable.

Leviathan 01

It can be easy to get caught up focusing on the Leviathan and miss the low-hanging fruit of cybersecurity.  This low-hanging fruit consists of rather simple and easy-to-fix vulnerabilities and bad practices.

Continue Reading

More Data Lost: 1.3 Million Student Loan Recipients

Daniel Solove
Daniel Solove @danielsolove
Founder of TeachPrivacy
June 3, 2006

Data Breach

From CNET:

About 1.3 million customers of a Texas provider of student loans are at risk of ID fraud, after a contractor lost computer equipment with sensitive information on them.

The equipment, which was not identified, contains the names and Social Security numbers of the borrowers, the Texas Guaranteed Student Loan company said in a statement Tuesday. The hardware was lost by an employee of Hummingbird, a enterprise software company hired to prepare a document management system, it said.

Continue Reading