Tag: Data Security

Heaps of paper or storehouses of data? Exploring ways to keep HR records

No one disputes the importance of proper recordkeeping in the workplace. But what’s the best way to keep that information? In bulky paper files kept on-site or maybe entrusted to a vendor to be kept off-site? Perhaps an employer’s information, both routine and sensitive, should be kept in a digital format. And if electronic storage […]

data

Wannacry: A Shot Across the Bow

Although information security and cyber attacks seem to be a daily headline, several events and trends recently collided to produce some headlines with extra heat: WANNACRY RANSOMWARE RUNS RAMPANT! Even in a world used to fast-moving technology, the speed of Wannacry’s spread, and the high-profile nature of its victims, took many by surprise.

New Rhode Island data security law takes effect July 2

by Timothy C. Cavazza and Matthew H. Parker The Rhode Island Identity Theft Protection Act of 2015 will take full effect on July 2, meaning employers need to have their data security and notification policies in compliance or face serious financial consequences if even one data breach occurs. The new law applies to employers and […]

login

New Oregon data security law takes effect January 1

by Joanna Perini-Abbott Oregon’s expanded data breach law will take effect January 1, making two significant changes to the old law—a notification requirement and a change in the definition of “personal information.”  Like the old law, the new law requires businesses that maintain personal information digitally, including information about employees, to notify Oregon residents whose […]

How a Public Library Approaches Computer Security

Yesterday we learned that like an office, your local library has some serious computer security concerns. With numerous individuals using computers without direct oversight, there seems no end to the number of ways those computers might be compromised. Luckily, the library uses a system that takes care of all that, and it’s a lot more […]

New Florida law offers employers protection against hackers

by Lisa Berg Effective October 1, Florida business owners will have a new civil remedy in the event they’re harmed by unauthorized access to their computers or information stored on protected computers. Under Florida’s Computer Abuse and Data Recovery Act (CADRA), businesses can pursue a civil action for “harm or loss” suffered as a result […]

CareFirst Is Latest Insurer to Suffer Major Cyberattack

CareFirst BlueCross BlueShield has become the latest major health insurer to acknowledge having suffered a large-scale cyberattack on its member data. Information on about 1.1 million individuals was affected by the breach, which CareFirst discovered during an information technology security review conducted in the wake of the attacks on Anthem and Premera. In June 2014, […]

Employee personal information – the gift you don’t want to give this Christmas

You may have heard the news of the monumental data hack on Sony late last month, where several personal e-mails, rough cuts of movies, and screenplays were obtained and released without authorization by the media giant. According to several news outlets, the e-mails in particular reveal personal gripes about certain celebrities (shocker!) and have raised allegations […]

OCR Expects Consistency in HIPAA Breach Response

When investigating a breach of IT network security leading to leakage of protected health information, HHS looks for consistency in the covered entity’s response — with both HIPAA rules and the organization’s own written procedures, according to a former official with HHS’ Office for Civil Rights. OCR tends to “expect a perfect assessment done the […]