Tags » Breach Notification

Cover the Basics for Securing Your Network -- Shawn Tuma's Book Contribution

Shawn Tuma authored a section for an eBook published by Fortinet Security. You can read Tuma’s section, Cover the Basics, as well as download the complete eBook at this link: … 9 more words

Data Breach

Is your business prepared to respond this quickly to a data breach?

Customers and the public expect a very quick response to a data breach — within a matter of a few days. That is the new standard. 129 more words

Data Breach

Cybersecurity and data loss (short presentation)

Here’s a 10 minute presentation I gave to the firm yesterday that puts some trends in context and addresses recent breach notification amendments.

CORRECTION. I made a point in this presentation that the Bill 119 amendments to PHIPA remove a requirement to notify of unauthorized “access” – a positive add given the statute does not include a harms-related threshold for notification. 64 more words

Privacy (Not Workplace)

Interview: Preparing for the Upcoming HIPAA Compliance Audits

The warning cry has gone up and the next round of HIPAA audits will be here before most of us are ready.   116 more words

Risk Management

Breaches, Breaches, Everywhere

It often seems as though a day does not go by without the report of a new breach of healthcare data. Examples of breaches include loss of unencrypted devices (whether laptops, flash drives or other devices), usage of non-secure services, inattention to paper records, employee snooping, and more. 746 more words


Employee Retaining Stored Patient List on Personal Laptop Triggers Data Breach Obligation

An employee of East Bay Perinatal Medical Associates in Oakland, CA, retained on his personal laptop, a patient list that he had prepared as part of his job. 99 more words

Data Breach

Employee Viewing Information Without Authorization Triggers Data Breach Notification Obligation for Credit Union

An employee of Golden State Credit Union viewed member account information, containing Personally Identifiable Information (PII), without having the requisite authority to view such accounts. This action — alone — was sufficient to trigger the notification requirement of the California data breach notification law, at great expense and frustration for the Credit Union, which offered credit monitoring services to those affected. 51 more words

Data Breach