When to Report a Breach: Consideration of Encryption States

Matt Fisher of Carium writes:

Data breaches grab headlines on a daily basis and arise from a number of different scenarios. However, one question that is not necessarily examined closely (at least in news articles), is whether encryption was in place and why the encryption did not prevent the breach. That rhetorical question does not get into the finding in a number of resolutions through the HHS Office for Civil Rights where lack of appropriately or properly implemented encryption was part of the reason for a penalty.

Matt then considers a number of different scenarios involving encryption to make the point that the determination of a breach when encryption is involved may be more complex than initially thought.

Read more on The Pulse.

About the author: Dissent

2 comments to “When to Report a Breach: Consideration of Encryption States”

You can leave a reply or Trackback this post.
    • Dissent - February 9, 2021

      I usually delete all submitted links but I’m making an exception for that one. Thank you.

Comments are closed.