Posts tagged as:
John Muir Hospital in Walnut Creek, CA had 2 laptops stolen that contained person and health information on 5,450 patients.
As is required, the Hospital sent letters to all 5,450 patients telling them of the theft.
John Muir Health vice president and privacy officer, Hala Helm, says the laptops were password-protected and contained data in a format [...]
{ 1 comment }
Continue ReadingIn a “domestic burglary”, the personal information on 9000 students was stolen from a city counselman’s home.
What was done right?
The hard drive on the stolen laptop was encrypted.
What was done wrong?
“data stored on the CD ROMs and memory sticks included Surname, Forename, Gender, Date of Birth, Address, Postcode, Phone number, UPN (a unique identification [...]
{ 0 comments }
Continue ReadingAn excellent article by Dom Nicastro discussed the 5 major stumbling blocks that an auditor in Oregon has noticed lately.
I expand on two of the stumbling blocks, they listed below.
Lack of a risk analysis – Many organization have possibly executed on risk analysis, most have never even done one.
This should include, but is not limited [...]
{ 0 comments }
Continue Reading
