So, your business has never had a data breach? Have you ever had an employee leave?

TAKEAWAY: Businesses must protect their data from being taken by anyone who is not authorized to have it — insiders and outsiders alike. If their data is taken in a way that is unauthorized, it is a data breach. When a former employee leaves with a thumb drive, Gmail inbox, or Dropbox of your business’s …

Private Facebook posts are protected by the SCA unless voluntarily provided by friends with access

There may be some notion of privacy in your private Facebook wall but it is at the whim of your 498 friends — is it really? A district court recently determined that Facebook wall posts are covered by the Stored Communications Act if the privacy settings are set to limit access to only friends. However, …

The Indispensability of Cyber Counterintelligence

You already know what a threat hacking and data breaches are to your business, right? Good. In that case, you will appreciate the following post from my friends at SpearTip about cyber counterintelligence. Here’s a little teaser: If your organization is not yet retaining a provider that specializes in this technique, referred to as “Cyber …

Presentation: Helping Businesses Prepare for Computer Fraud and Data Breaches

Last night I had the wonderful opportunity to present to IMA – The Association of Accountants and Financial Professionals in Business on the topic of Helping Businesses Prepare for Computer Fraud and Data Breaches. Here are the presentation slides. I was really impressed with the quality of this event on many levels — these folks …

Law360 article quotes Shawn Tuma on data privacy significance of U.S. v. Cotterman

BrittonTuma partner Shawn Tuma was quoted extensively about last week’s United States v. Cotterman opinion in a recent Law360.com article titled “9th Circ. Pioneers Laptop Search Limits in Border Case”. Here are excerpts of what Tuma had to say: “The court is raising the level of the expectation of privacy in data closer to that of someone’s …

Podcast Discussing Data Privacy and Information Security Implications of United States v. Cotterman – Now Available!

You can now listen to the podcast for Courts Showing Greater Respect for Data Privacy – United States v. Cotterman. Click HERE! For a recap, here is my discussion of this podcast and who participated: I finished a fantastic Skype discussion of the Cotterman opinion with Rafal Los (@Wh1t3Rabbit) and Mike Schearer (@theprez98). As you may recall from The Law and …

Courts Showing Greater Respect for Data Privacy – United States v. Cotterman

TAKEAWAY: Data privacy is gaining respect within the judiciary, as it should because in many ways, data is the new currency and is worthy of protection. On March 8, 2013 the Ninth Circuit Court of Appeals (en banc) handed down a watershed case with significant privacy implications: United States v. Cotterman, No. 09-10139 (9th Cir. Mar. 8, …

The Law and the Hacker – Podcast on the Computer Fraud and Abuse Act

Not too long ago I had a nice visit with Rafal Los (@Wh1t3Rabbit) who is otherwise known as the Chief Security Evangelist for HP and blogs at Following the Wh1t3Rabbit – Practical Enterprise Security. Raf is one dude you really need to follow if you’re interested in #infosec. Anyway, our discussion was centered around the Computer Fraud and Abuse …

Responsiveness and Responsibility Are Considered in Assessing Data Breach Fines

About a year and a half ago I wrote a post titled Data Breach – Who’s Gonna Get it? where I made the point that, much like with Ford’s “bean counting” with the Pinto deaths back in the ’70s, companies that were aware of the risk of data breach but did not act responsibly were …

What do the penalties look like for a HIPAA violation?

Here you go — they are rising and here is where they currently stand. As you can see, data breach is serious business and serious for your business.

VIOLATION TYPE | EACH VIOLATION | REPEAT VIOLATIONS/YR
Did Not Know | $100 – $50,000 | $1,500,000
Reasonable Cause | $1,000 – $50,000 | $1,500,000
Willful Neglect – Corrected | $10,000 – $50,000 | $1,500,000
…