Tuesday, October 27, 2009

Easily avoidable breach. Encrypt before mailing, decrypt on receipt. Better: Encrypt and transfer via Internet.

http://www.databreaches.net/?p=7998

CalOptima Reports Potential Loss of Patient Claims Information

October 26, 2009 by admin Filed under Breach Incidents, Healthcare Sector, Lost or Missing, Of Note, Subcontractor, U.S.

From CalOptima’s web site:

ORANGE, Calif. (October 23, 2009) – CalOptima has identified the potential loss of past medical claims information for approximately 68,000 of its members that was stored on electronic media devices.

CalOptima’s claims scanning vendor [converts paper records to electronic. Bob] sent the electronic media devices to CalOptima through the U.S. Postal Service by certified mail. On Tuesday, October 13, 2009, CalOptima discovered the apparent loss of the devices when the external packaging materials were delivered by the U.S. Postal Service without the box containing the devices. CalOptima immediately initiated an investigation to determine the location of the devices, including the possibility that the separated box containing the devices may have been forwarded by the U.S. Post Office to another U.S. Post Office facility. On Wednesday, October 14, 2009, CalOptima notified state and federal agencies of the potential loss of the devices, and on the following day, posted an alert for public notification on its Web site when it became evident the devices might not be located. CalOptima, its vendor, and the U.S. Postal Service are continuing to search for the box containing the devices. Claims information contained on the devices includes member names, home addresses, dates of birth, medical procedure codes, diagnosis codes and member identification numbers, including some Social Security numbers. The devices contained only copies of historical processed claims information. CalOptima has identified the affected members and is preparing to send them notice letters. For more information, CalOptima members should call CalOptima at 1-800-509-4225.

According to CalOptima’s web site, their network of doctors and hospitals includes more than 5,000 primary care doctors and specialists and 24 hospitals serving nearly 380,000 members.

Hat-tip, Joseph Goedert of Health Data Management



Who is not learning? My students know how to prevent this, if they have the budget for it.

http://www.databreaches.net/?p=7988

Stolen laptops biggest danger as extent of UK data losses revealed

October 26, 2009 by admin Filed under Commentaries and Analyses, Non-U.S., Of Note

Karl Flinders reports:

UK CIOs reported 356 data loss incidents last year, a Freedom of Information (FOI) request by a software supplier has revealed.

The FOI request to the information commissioner’s office by Software AG revealed that within the 356 reported incidents 71 memory sticks and CDs were lost, 127 devices including laptops were stolen and there were 24 incidents of data lost in transit via courier services.

On 78 occasions data was disclosed in error. This included packages being wrongly addressed and arriving at the wrong place.

The 356 incidents between November 2008 and September 2009 compared with 190 incidents between October 2007 and November 2008, said Software AG.

Read more on Computer Weekly.

From the article:

"The chronic problem of data loss should be in decline, and not increasing, as these figures seem to indicate. Organisations are failing to learn from previous examples. They continue to gamble with sensitive data via risky transfers, rather than implementing a robust infrastructure to ensure information is moved securely," said Tim Holyoake, lead technologist at Software AG.




Judges are finally asking how to redress the harm to the victims!

http://www.databreaches.net/?p=7991

TD Ameritrade settlement rejected

October 26, 2009 by admin Filed under Breach Incidents, Financial Sector, Hack, Of Note

Josh Funk of Associated Press reports that Judge Vaughn Walker has rejected the settlement offer by TD Ameritrade. The settlement was in response to a hack in 2006 and 2007 which exposed customer contact information on 6.3 million clients. According to the AP, the judge found that the deal, which would give the affected customers anti-spam software for a year and a promise of tighter security in the future, did not provide sufficient benefit to customers while providing $1.9 million in legal fees.

Back in May, I had commented that:

The settlement will not result in any money for class members but the lawyers get almost $2 million. Indeed, it’s not clear to me that the class members get anything at all out of this settlement. I guess we’ll have to wait and see the actual terms when the deal is approved.

Judge Walker had tentatively approved the deal in May and then held a hearing in September, and it will be interesting to read his decision when it becomes available. What changed his mind between May and now?



Tools & Techniques: Another one for the Hacker Folder. (Do “Socialite-Hackers” come from Vassar?)

http://www.pogowasright.org/?p=4793

Socialite Charged with Hacking Voice Mail

October 26, 2009 by Dissent Filed under Breaches, Court

Most of us carry a cell phone to stay in touch. But, as CBS News Science and Technology correspondent Daniel Sieberg reports, you might be surprised to learn just how easy it is to violate your privacy or even trick you.

A high-profile publicist is accused of hacking into the voice mail of some other women, including one who dated her ex-boyfriend.

Former Dolce & Gabbana publicist Ali Wise is accused of hacking into the voice mail of a romantic rival after the woman started dating Wise’s ex-boyfriend.

Wise used free software called “SpoofCard” to gain access to the voice mails. The program also lets you disguise your voice and make it appear as though you’re calling from a different number.

Read more on CBS News. Thanks to Brian Honan for this link.

[Spoofcard is available here: http://www.spoofcard.com/ Also on the iPhone App Store. Bob]



Bad lawyers lose their “above the law” status? Bet that doesn't happen very often.

http://www.pogowasright.org/?p=4791

B.C.’s law society gives itself authority to copy hard drives without court order

October 26, 2009 by Dissent Filed under Non-U.S., Workplace

Jane Mundy reports:

On the heels of the Law Society of British Columbia (LSBC)’s commitment to make major changes to its disciplinary process, B.C. Benchers adopted a rule in October that allows investigators to copy a lawyer’s entire hard drive — including personal information.

Benchers agreed that the law society will create a rule that requires every lawyer to comply with an order to preserve all electronic records as they existed at the time a records search under R. 4-43 is presented to the member.

Read more on The Lawyers Weekly.



You can't really ban useful technologies.

http://news.cnet.com/8301-27080_3-10383372-245.html?part=rss&subj=news&tag=2547-1_3-0-20

Defense Department to partially lift flash drive ban

by Elinor Mills October 26, 2009 1:15 PM PDT

The U.S. Department of Defense ban on USB thumb drives instated nearly a year ago will eventually be partially lifted to allow authorized people to use official flash drives for mission-critical functions, according to a top military official.



The world is heading to Cloud Computing, why not build tools into your Operating System?

http://news.cnet.com/8301-30685_3-10382984-264.html?part=rss&subj=news&tag=2547-1_3-0-20

Ubuntu's new Linux tries getting cloud-friendly

by Stephen Shankland October 26, 2009 12:43 PM PDT

With all the hubbub about Snow Leopard and Windows 7, there's another operating system out there you may not have noticed that's getting a significant update: Ubuntu Linux.

Ubuntu backer Canonical plans to release its "Karmic Koala" version on Thursday, and both the desktop and server versions of the open-source operating system take significant steps toward cloud computing.



The PDF reader could be the best 'tip'

http://www.makeuseof.com/tag/top-8-programs-that-can-make-your-computer-run-faster-nb/

Top 8 Programs That Can Make Your Computer Run Faster

Oct. 26th, 2009 By Angelina



Time wasters...

http://www.makeuseof.com/tag/how-to-watch-ncaa-sports-games-online-for-free/

How To Watch NCAA Sports Games Online For Free

Oct. 27th, 2009 By Karl L. Gechlik

… Our first option is NCAA.com. That is the NCAA’s on demand site.



Today Dilbert shows the downside of rewarding Disaster Planners

http://dilbert.com/strips/comic/2009-10-27/



As I explained to my Disaster Recovery students, this video is not funny.

http://www.youtube.com/watch?v=ZMd6m0FoMFw
