The cost of a HIPAA Privacy Breach
HIPAA privacy and security violations cost Seattle company $100,000
Friday, July 18 2008 @ 04:06 PM EDT Contributed by: PrivacyNews
The Department of Health and Human Services has settled complaints over breaches of health information privacy and security rules by a Seattle home health care company.
Health records of more than 386,000 patients were compromised, according to an HHS news release. Under the first-of-its-kind agreement, Providence Health & Services of Seattle has paid $100,000 and promised to take steps to ensure further breaches do not happen.
Source - Government Health IT
Related - HHS Press Release
[From the article:
The agreement labels the $100,000 payment a “resolution amount.” “Providence’s cooperation with [HHS offices] allowed HHS to resolve this case without the need to impose a civil monetary penalty,” the news release states. [They get to say, “We were never fined?” Bob]
... The agreement states that laptops, disks and tapes containing individuals’ health records protected under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) were taken from cars parked by Providence employees on five occasions in 2005 and 2006. [So HHS is about 18 months behind in its investigations? Bob]
Forgive me for applying logic, but wouldn't the fact that a defendant named “A” is using the identification of a victim named “B” suggest that he knew the ID wasn't his?
Some rulings on aggravated identity theft
Saturday, July 19 2008 @ 05:46 AM EDT Contributed by: PrivacyNews
Another federal appellate court holds that the crime of aggravated identity theft requires proof that the defendant knew that the means of identification belonged to another person: The U.S. Court of Appeals for the First Circuit, in a ruling that you can access here, becomes the second federal appellate court to so hold in two days. Yesterday, in a ruling that you can access here, the majority on a divided three-judge Ninth Circuit panel reached the same result. Interestingly, today's First Circuit ruling was written by a senior Ninth Circuit judge sitting by designation.
Source - How Appealing blog
Strangely, you must download the book one chapter at a time. I wonder why they did it that way?
The Freewheeling Web's Privacy Noose
By Katherine Noyes TechNewsWorld 07/19/08 4:00 AM PT
It's no secret that individual privacy has already suffered since the Internet era began, but privacy law expert Daniel Solove believes things are likely to get even worse -- much worse -- and he illustrates his vision in living color with a wealth of examples from the here and now.
In The Future of Reputation: Gossip, Rumor, and Privacy on the Internet (Yale University Press, 2007) -- now available as a free download -- Solove begins his dark tale with the classic story of "dog poop girl," a young woman now famous for refusing to clean up after her dog on a South Korea subway train.
Tools & Techniques Also has application in the Forensics world, but is not a perfect solution.
July 18, 2008 2:47 PM PDT
Security Bites 108: Understanding white listing
Posted by Robert Vamosi
To put it simply, the concept of "white listing" is to define a set of software, a set of vendors, and allow only those trusted applications or files from those vendors to run on your machine. If a file or application is not approved, it will not run.
... Massachusetts-based Bit9 has created one of the largest catalogs of "known good" and "known bad" applications.
I wonder how much play this will get in the media?
GOP cyber-security expert suggests Diebold tampered with 2002 election
Larisa Alexandrovna and Muriel Kane Published: Friday July 18, 2008
A leading cyber-security expert and former adviser to Sen. John McCain (R-AZ) says he has fresh evidence regarding election fraud on Diebold electronic voting machines during the 2002 Georgia gubernatorial and senatorial elections.
Bad hackers, good hack? What kinds of legal knots does this tie?
Ubisoft Uses Internet Crack To Get Around Its Own DRM
from the ah,-the-irony dept
Ubisoft, one of the larger video gaming companies out there, has a somewhat troubled history of overburdening its games with awful DRM. And, as with most DRM systems, the people it tends to hurt most are the legitimate purchasers who somehow run afoul of whatever DRM rules are in place. In this case, the Ubisoft game Rainbow Six: Vegas2 (R6V2) had some DRM that would check to see if the physical media (CD-ROM) was in the drive before it would let you play. Unfortunately, Ubisoft also offered the game as a download via IGN's Direct2Drive store. They had set it up so this would work even without the actual CD, but a recent patch didn't take that into account, and broke the game for anyone who had purchased it via D2D.
So, what does Ubisoft do? It releases a patch that isn't actually a "patch" but a well known crack that it downloaded off the internet. As TorrentFreak points out at the link, according to the way companies like Ubisoft look at things, it "stole" someone else's code and passed it off as its own. And, of course, there's the somewhat delicious irony that it didn't just "steal" any code for its own use, but the very code that companies like Ubisoft insist is evil, immoral and illegal. Except, of course, when Ubisoft is in desperate need of it, apparently.
Bad use of the Internet. Ask the photographer to capture your good side...
Web networking photos come back to bite defendants
By ERIC TUCKER Associated Press Writer Jul 18, 2:35 PM EDT
PROVIDENCE, R.I. (AP) -- Two weeks after Joshua Lipton was charged in a drunken driving crash that seriously injured a woman, the 20-year-old college junior attended a Halloween party dressed as a prisoner. Pictures from the party showed him in a black-and-white striped shirt and an orange jumpsuit labeled "Jail Bird."
In the age of the Internet, it might not be hard to guess what happened to those pictures: Someone posted them on the social networking site Facebook. And that offered remarkable evidence for Jay Sullivan, the prosecutor handling Lipton's drunken-driving case.
Sullivan used the pictures to paint Lipton as an unrepentant partier who lived it up while his victim recovered in the hospital. A judge agreed, calling the pictures depraved when sentencing Lipton to two years in prison.
Online hangouts like Facebook and MySpace have offered crime-solving help to detectives and become a resource for employers vetting job applicants. Now the sites are proving fruitful for prosecutors, who have used damaging Internet photos of defendants to cast doubt on their character during sentencing hearings and argue for harsher punishment.
Millionaire posts divorce payout online
Businessman silences critics
Written by Guy Dixon vnunet.com, 18 Jul 2008
Gary Dean, a Lancashire-based millionaire businessman, has published full details of his divorce settlement online in a bid to quash rumours which branded him as "tight".
The true hacker. (Not the “most wanted” hacks, but amusing)
July 18, 2008 10:28 AM PDT
Team debuts electronic-hacking how-to videos at HOPE conference
Posted by Elinor Mills
... A team of do-it-yourself technology gurus are creating a video series that will show you how to hack everyday gadgets to get more--and novel--uses out of them.
Economics: One measure of value is the resale price of a good.
July 18, 2008, 7:47 pm
There’s Lots of Money in Those Old iPhones
By David F. Gallagher
I was walking by the lengthy iPhone line outside the Apple Store in Soho on Sunday when I heard someone call out: “Turn in your old iPhone and get the new one free!”
... But Joe Weingarten of FreeiPhoneSwap, who has been soliciting used phones in Miami, gave a different account to The Miami Herald:
“There’s a very big demand, especially because there is a big shortage overseas,” Weingarten said. He added that he has 15 people working with him and he will be doing the same thing at stores in New York.
... EBay’s marketplace is setting prices for those used phones that make FreeiPhoneSwap’s payout levels look like a ripoff. The 8-gigabyte model is getting bid up to well over $300 on eBay, versus the $200 you would get from FreeiPhoneSwap. It’s not hard to find similar offers on Craigslist.
Might be interesting...
DabbleBoard.com - WhiteBoard for Collaborative Drawing
DabbleBoard is a very user-friendly application that allows you to have fun while drawing, sharing, and collaborating in real-time. If you’d like to share and collaborate with others you’ll have to sign up for a free account but if you just want to draw and explore on your own, you can do so without even needing to sign up. You can choose whether to make a free-hand drawing from scratch, or you can upload a photo from your desktop or by entering a URL. The image upload feature makes it easy to make notes on any image and share them with others making DabbleBoard a great project collaboration tool. There is an array of features which include the ability to effortlessly type in text, scale objects and relocate them.