Commentaries and Analyses

ICO outlines business case for privacy

In The Privacy Dividend, a report published on 4 March 2010, it said public and private sector organisations can use business cases to justify spending on privacy protection. It says the benefits of protecting privacy derive from four areas in which information has value. Firstly, protecting personal information as an asset can help to...

Medical identity theft strikes 5.8% of American adults

Ellen Messmer reports: Identity thieves are not only interested in tapping financial resources, but are also after your medical identification data and services. Medical identity theft typically involves stolen insurance card information, or costs related to medical care and equipment given to others using the victim’s name. Roughly 5.8% of American adults have been...

Verizon releases framework for reporting security incidents

William Jackson reports: Verizon Business on Monday released for public use a framework for collecting and reporting information about security incidents in the hope of creating a standardized way for government and industry to share information about breaches. “If we don’t have a common language to collect and communicate data, we are going to...

OCR/HHS reveals two more breaches

The public list of breaches reported to HHS under the HITECH Act was updated to add two entries. Both entries are associated with the same business associate: MSO of Puerto Rico. I do not see anything on the web sites of the covered entities or the business associate about the incident nor did I...

Lost or stolen?

In the big scheme of things, it may be small breach report.  But the difference between what Ameriprise Financial told the state attorney general and what they told the client caught my eye. In  a notification letter to the New Hampshire Attorney General’s Office, Ameriprise Financial Services informed the state that they had had...