Symposium on Privacy and Innovation
Tomorrow, the Commerce Department is hosting a day-long symposium called “A Dialogue on Privacy and Innovation.” It will include several panel discussions to discuss stakeholder views and to facilitate further public discussion on privacy policy in the United States. The event will seek participation and comment from all Internet stakeholders,…
Data Compliance & Security
Welcome to the Privacy Revolution
Posted in Data Compliance & Security
This is “Choose Privacy Week” – an initiative by the American Library Association to raise awareness about sharing information online. The Association has launched a new website, Privacy Revolution, offering tips for educators and parents on ways to address privacy concerns with children. One sure way not to raise the issue was demonstrated by a…
Brokerage firm victim of elaborate extortion scheme – but also gets hit with a fine
Posted in Data Compliance & Security
Brokerage firm DA Davidson has agreed to pay a fine of $375,000 for failing to protect confidential client data from Latvian hackers who breached the company in 2007 in an online extortion scheme; the three have pleaded guilty in Montana. The hackers used a SQL injection attack to obtain access to the company’s database…
Senate Commerce Committee Approves Rockefeller-Snowe Cybersecurity Act
Posted in Data Compliance & Security
We will post a link to the amended legislation as soon as it is released by the Committee. The Senate Commerce Committee press release — WASHINGTON, D.C.—Senator John D. (Jay) Rockefeller IV, Chairman of the U.S. Senate Committee on Commerce, Science, and Transportation, and Senator Olympia J. Snowe (R-ME), a senior member of the committee,…
Massachusetts Data Security Compliance Workshop
Posted in Data Compliance & Security
In case your data security compliance plan is stuck in neutral, you have questions, or you haven’t started yet… there will be a free (!) breakfast hands-on workshop on Thursday in Tewksbury, MA. “Massachusetts Data Protection Law: Demystifying the Details” is being sponsored by the Merrimack Valley Venture Forum. The Merrimack Valley Venture Forum has assembled…
Privacy and Security Bits and Bytes
Posted in Data Compliance & Security
Our Friday afternoon feature is back (albeit on Thursday due to tomorrow’s schedule) – a quick round-up of bits and bytes related to data privacy and security. Don’t Ignore New Massachusetts Data Privacy Regs – a piece by Lora Bentley from ITBusinessEdge (for which the editor of this blog was interviewed) Your smart phone may…
Today is the day……
Posted in Data Compliance & Security
After implementation delays and rule changes, new data protection regulations that are widely considered the most stringent in the nation take effect today. The Massachusetts data security regulations require institutions that hold personal data on Massachusetts citizens to encrypt that information and implement written data protection policies, reports the Boston Globe. Discussion continues and questions…
Top 3 questions relating to compliance with 201 CMR 17.00
Posted in Data Compliance & Security
At the beginning of the “countdown” to the March 1st effective date of 201 CMR 17.00, we offered some posts with “misapprehensions” and compliance suggestions (see 16 Days to March 1….. and Countdown to compliance with 201 CMR 17.00…..11 days). Here are some questions that have been recurring over the last few weeks: 1) What…
And, it’s Friday, February 26th……
Posted in Data Compliance & Security
And that means today is the last business day before the new Massachusetts data security regulations go live – as Jim Cramer would say, “That’s 201 CMR 17.00 for all you home gamers.”
Countdown to compliance with 201 CMR 17.00…..11 days
Posted in Data Compliance & Security
As we approach the 10 day mark to the March 1 effective date of the Massachusetts data security regulations, 201 CMR 17.00, we thought that we would share another misapprehension in the ever-growing list. “I ordered one of those $99 “Compliance Kits” from the Internet, and they say that they will “certify” that I am…
16 Days to March 1…..
Posted in Data Compliance & Security
Just in case you missed it, March 1 is the deadline for compliance with 201 CMR 17.00, the new Massachusetts data security regulations, and we published a client alert last week as a “reminder”… Privacy and Security Alert. In addition to the top five “misapprehensions” about the applicability of the new regulations that we included…
Roundtable data privacy and security discussions on YouTube
Posted in Data Compliance & Security
See a series of Data & IT Security Roundtable discussions with thought leaders: www.youtube.com/user/JaxsonGroup
Tracking the cookie crumbs
Posted in Data Compliance & Security
Disabling cookies may not be the answer to controlling your online identity. Regardless of whether you have cookies enabled or not, Web sites collect certain amounts of operational information about your browser. The Electronic Frontier Foundation has detailed how companies can use browser-configuration information to identify users, and also launched a new project, Panopticlick, aimed…
27 days and counting…
Posted in Data Compliance & Security
March 1st is the deadline for compliance with the Massachusetts data security regulations, 201 CMR 17.00. We have blogged incessantly for months about the need to get compliance programs into gear and develop information security plans as required by the regulations. The time is here. If you are one of the procrastinators (and, you are…
Interesting perspective on Data Privacy Day and data privacy in general
Posted in Data Compliance & Security
Declan McCullagh is always a good read – It’s been 10 years: Why won’t people pay for privacy? Politics and Law – CNET News
Happy Data Privacy Day! Tip #1
Posted in Data Compliance & Security
Today is worldwide Data Privacy Day. What is your company doing to promote data privacy and security in your enterprise? I’ll be participating in a KnowledgeNet in Boston, sponsored by the International Association of Privacy Professionals. The discussion topic is Privacy Awareness and Training. And don’t forget, the March 1 deadline for compliance with the…
Data Security Roundtable
Posted in Data Compliance & Security
Here is a link to a couple of segments of a data security roundtable I participated in not long ago: http://www.businesswire.com/portal/site/home/permalink/?ndmViewId=news_view&newsId=20091222005345&newsLang=en Some very interesting discussions with folks who are on the cutting edge of data security. I’ll post the other segments as they are released.
Good data protection sense from the Brits
Posted in Data Compliance & Security
The UK’s Information Commissioner’s Office (ICO) has done what the Federal Trade Commission should do — produced a no-nonsense Guide to Data Protection. This Guide is intended to provide small and medium sized enterprises with practical advice about the UK’s Data Protection Act and takes a straightforward look at the data protection principles, using practical,…
National Public Radio 3-part special series on privacy
Posted in Data Breach, Data Compliance & Security
These are from October, but if you missed them, they are worth a look (or downloading the podcasts) —
Part 1: Online Data Present a Privacy Minefield
Part 2: Is Your Facebook Profile as Private as You Think?
Part 3: Digital Bread Crumbs: Following Your Cell Phone Trail
Holiday Privacy Watch: Take care before you donate that cell phone
Posted in Data Breach, Data Compliance & Security
During the holiday season, many organizations are soliciting donations of old cell phones to be repurposed. This is an excellent way to “reuse, reduce, and recycle” and puts those useless (to you) items to use in a positive way, but please remember — important and private data reside in your cell phone’s internal memory, even…
House scheduled to act today on several privacy bills
Posted in Data Compliance & Security
The House is scheduled to vote on HR 1319, The Informed P2P User Act, and HR 2221, The Data Accountability and Trust Act, tomorrow under suspension of the rules. We will monitor the debate and keep you updated on its passage.
Privacy and Security Bits and Bytes
Posted in Data Compliance & Security
The Most Wonderful Time of the Year — It’s time for the annual “top ten” lists. Information Security Resources has posted an article that is eye-opening reading with respect to data breaches in 2009. Ten Most Damaging Data Breaches of 2009 U.S. to Join Fingerprint Sharing — CBC News – Canada reports that the U.S….
Massachusetts Attorney General proposes privacy regulations to apply to her office
Posted in Data Compliance & Security, Legislation
Written by Cynthia and Elissa
An oft-cited criticism of the Massachusetts data security regulations (201 CMR 17.00), effective March 1, 2010, is that the regulations specifically do not apply to government entities — the only reason being that the Office of Consumer Affairs and Business Regulation does not have the authority or jurisdiction to enact…
Remember the school-days admonition that something might end up on your “permanent record”?
Posted in Data Compliance & Security
A Fordham Law School study found that state educational databases across the country have severely inadequate privacy protections for the nation’s school children. The study, prepared by the Center on Law and Information Policy, reports that at least 32% of states warehouse children’s social security numbers; at least 22% of states record student pregnancies; and…