Posts about Data Breaches by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
by Daniel J. Solove As I discussed in a previous post, the two key things that organizations can do to prevent data incidents can be summed up in a simple rhyme: The C-Suite must care The workforce must be aware In this post, I want to focus on the “C-Suite” – a term used […]
by Daniel J. Solove Recently, hackers from China stole 4.5 million records of patients from a hospital chain in Tennessee. Do you think that’s big? As a Bloomberg article notes, however,” they haven’t come close to entering the ranks of the biggest breaches of all time. In fact, they haven’t even cracked the top […]
by Daniel J. Solove We’re in the midst of a crisis in data protection. Billions of passwords stolen. . . Mammoth data breaches. . . Increasing threats. . . Malicious hackers . . .
by Daniel J. Solove It happens all the time. An organization has a privacy incident or data breach. The news stories proliferate. Cries of “shame on you” reverberate across the Internet. A number of organizations have an incident response plan, but they often don’t have much of a plan for PR. Certain incidents can take […]
by Daniel J. Solove In three earlier posts, I’ve been exploring the nature of privacy and data security harms. In the first post, Privacy and Data Security Violations: What’s The Harm?, I explored how the law often fails to recognize harm for privacy violations and data breaches. In the second post, Why the Law Often […]
by Daniel J. Solove In two earlier posts, I’ve been exploring the nature of privacy and data security harms. Post 1: Privacy and Data Security Violations: What’s The Harm? Post 2: Why the Law Often Doesn’t Recognize Privacy and Data Security Harms In this post, I want to explore two issues that frequently emerge in […]
by Daniel J. Solove In my previous post on privacy/security harms, I explained how the law is struggling to deal with privacy and data security harms. In this post, I will explore why. The Collective Harm Problem One of the challenges with data harms is that they are often created by the aggregation of many […]
by Daniel J. Solove “It’s just a flesh wound.” – Monty Python and the Holy Grail Suppose your personal data is lost, stolen, improperly disclosed, or improperly used. Are you harmed? Suppose a company violates its privacy policy and improperly shares your data with another company. Does this cause a harm? In most cases, courts […]
by Daniel J. Solove The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced the costliest HIPAA settlement to date — a $4.8 million settlement with New York and Presbyterian Hospital (NYP) and Columbia University (CU). The case involved the disclosure of protected health information on the Internet. Here […]
by Daniel J. Solove Last week, the White House released its report, Big Data: Seizing Opportunities, Preserving Values. My reaction to it is mixed. The report mentions some concerns about privacy with Big Data and suggests some reforms, but everything is stated so mildly, in a way designed to please everyone. The report is painted […]