If you have noticed an increasing number of high profile problems for healthcare organizations with respect to privacy and security issues these last few weeks you’re not alone. The issues have ranged from employee misuse of protected health information, web-based breaches, photocopier breaches, and theft of stolen computers that compromised millions of records containing unsecured
What’s In Your Trash?
How does your company dispose of personally identifiable information (medical records, financial information, applications containing sensitive information, etc.) and other sensitive information when the information is no longer needed? Do you throw it in the trash can next to your desk? Where does it go after that? Is it securely shredded, or thrown into an…
Where’s Your Privacy Policy?
Regulators increasingly want to know what companies are telling consumers about how the companies are using information about their consumers. Companies that do not properly explain how they collect, store, and use their customers’ information are facing increased scrutiny. Nowhere is this increased scrutiny move evident than in the $22.5 million civil penalty that the…
The FTC Fines Google $22.5 Million – Why Should Companies Care?
Today, the Federal Trade Commission levied a $22.5 million penalty against Google, the largest civil penalty by the FTC against a single defendant. Here is a copy of the Stipulated Order entered into between the FTC and Google. The penalty stems from an FTC Complaint alleging that Google violated “privacy promises” it agrees to…
How Secure Is Your Copy Machine?
Does your organization use a photocopier? If so, what types of documents do you copy, fax, and email with it? Do those documents contain proprietary information or personal information of your consumers/employees? If so, then you should review a guide issued by the Federal Trade Commission, called “Copier Data Security: A Guide for…
FTC Action – Companies Must Guard Against Software That Threatens Private Information
Flying “under the radar” this week as a result of the high profile LinkedIn data breach, was news that the Federal Trade Commission charged two businesses with illegally exposing the sensitive personal information of consumers by allowing peer-to-peer (P2P) file-sharing software to be installed on their corporate computer systems. P2P software is commonly used…