US federal privacy laws don’t adequately protect sensitive information and need updating to keep pace with technology, according to the Government Accountability Office (GAO). Recently congressional hearings were held to help Congress understand the inadequacies of current federal legislation around privacy and security of personal information held by the government.
Federal agency collection or use of personal information is governed primarily by two laws: the Privacy Act of 1974 and the privacy provisions of the E-Government Act of 2002. The Privacy Act places limitations on agencies’ collection, disclosure, and use of personal information maintained in systems of records. It describes a record as any item or collection of information about an individual that is maintained by an agency and contains his or her name or another personal identifier. It defines a “system of records” as a group of records under the control of any agency where information is retrieved by the name of the individual or by an individual identifier.
Read the rest of this entry »
I heard this great story the other day about the clash of old and new technology. Some of us (me) are old enough to remember a time before computers. I even remember when gasoline was $.29 a gallon. The best technology around was the telephone (and the TV) and most electronic communication was done using telephony-based systems.
I was listening to the TWiT podcast and Brian Brushwood was talking about a recent trip he had to Indonesia. Brian had to get travel and work documents approved from the Indonesian government. Since he had to do this before he got there, they sent him the documents electronically, sort of. As he was telling the story, I expected a rant about using a fax machine. If only. The transaction was done using Telex.
Read the rest of this entry »
The days of sitting in your office and working on a desktop computer are long gone. The laptop has become the computing tool of choice for most people, but now smartphones and tablets are augmenting or replacing it as business is done from anywhere, at anytime.
Mobile devices and cloud computing are fueling our ability to get work done wherever we are. There is freedom in sharing documents across your many devices by tapping into cloud services, like Dropbox, Google Docs, SkyDrive, iCloud and Box. It makes it simple to collaborate with colleagues and business partners no matter where they are, what time they want to work or what device they use. But there is also risk as more information floats freely around the Internet and on mobile devices.
Read the rest of this entry »
It seems that experiencing a data breach is no longer a matter of “if” but “when”. According to the US Government Accountability Office, there were about 13,000 federal data breach incidents in 2010. In 2011, it rose to 15,500 — an increase of 19 percent. The amount of personal information compromised through data breaches was on the rise in 2011. According to the Privacy Rights Clearinghouse, about 30 million records were compromised in 2011 in 535 separate breaches in the United States. That’s up from 12.3 million in 2010. And things haven’t stopped in 2012 as organizations all over the world are suffering major breaches.
Odds are your organization will have some type of incident at some point in the future. Think about this the same way you look at having a fire. You try to minimize the risk by putting certain plans and technology into place. You have a fire escape with a defined exit plan to get people out of a building. You put in smoke detectors and sprinklers to warn people and help extinguish the fire. You have alarms to alert people and call the fire department. You have insurance to manage any damage.
Read the rest of this entry »
