PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Cybersecurity: Leviathan vs. Low-Hanging Fruit

Data Security Training Low-Hanging Fruit

by Daniel J. Solove There are certainly many hackers with sophisticated technical skills and potent malicious technologies.  These threats can seem akin to Leviathan — all powerful and insurmountable. It can be easy to get caught up focusing on the Leviathan and miss the low-hanging fruit of cybersecurity.  This low-hanging fruit consists of rather simple […]

New Resource Page: Text of HIPAA’s Training Requirements

HIPAA Training Requirements

by Daniel J. Solove I recently created a new resource page for the TeachPrivacy website: Text of HIPAA’s Training Requirements.  This page provides excerpts of the training provisions in the HIPAA Privacy Rule and the HIPAA Security Rule. This page is designed to be a useful companion page to our resource page, HIPAA Training Requirements: […]

Boards of Directors Must Grapple with Privacy and Cybersecurity

By Daniel J. Solove Privacy and cybersecurity have become issues that should be addressed at the board level. No longer minor risks, privacy and cybersecurity have become existential issues. The costs and reputational harm of privacy and security incidents can be devastating. Yet not enough boards are adequately engaged with these issues. According to a […]

New Resource Page: Privacy and Security Training Requirements

by Daniel J. Solove I have created a new resource page for the TeachPrivacy website:  Privacy and Security Training Requirements.

The Terrifying Math of Phishing

by Daniel J. Solove Although we are seeing increasingly more sophisticated attempts at phishing, it appears as though many phishers still haven’t been able to get their hands on a program with spell check.  Why are we still seeing the $10 million lottery winning emails?  Or the long lost relative of yours living in Fiji […]

Troublesome Password Practices and the Need for Data Security Training

By Daniel J. Solove A recent study by TeleSign revealed that many people engage in some troublesome password practices. Some of the most alarming findings from the report include: — 73% of accounts use duplicate passwords. — Nearly half of consumers have a password they haven’t changed in 5+ years — “Consumers have an average […]

Law Firm Cyber Security and Privacy Risks

law firm data security

By Daniel J. Solove Law firms are facing grave privacy and security risks. Although a number of firms are taking steps to address these risks, the industry as a whole needs to grasp the severity of the risk. For firms, privacy and security risks can be significantly higher than for other organizations. Incidents can be […]

Why We Should Persuade and Train with Stories

By Daniel J. Solove   Once upon a time, there was a teacher who wanted to train people. At first, the teacher stated a list of things to do and not do. But this had little effect. The teacher was upset and started to doubt whether he could ever get through to people. But then […]

The Health Data Breach and ID Theft Epidemic

By Daniel J. Solove When you go to the hospital, you might worry about catching a staph infection or pneumonia, but you should also worry about contracting a nasty case of medical identity theft. Most people suffer significant harm from medical ID theft, and few are completely cured. This ailment is spreading dramatically as data […]

Burn Before You Learn or Learn Rather than Burn

By Daniel J. Solove It seems as though every week brings news of another batch of data breaches . . . and they’re getting bigger. Target. Home Depot. Sony. Anthem. The list goes on and on. The costs of many of these breaches are devastatingly large. And yet most data breaches are readily preventable. After […]