Sunday, May 06, 2018

Data integrity. How do you know your records haven’t been modified.
State investigates grade changes at local high school
The Alabama Board of Education and Escambia County Board of Education are investigating after school administrators found discrepancies in students' grade reports in East Brewton.
Escambia County Superintendent John Knott confirms there were changes to students' grades at W.S. Neal High School. The discrepancies were discovered when the school was finalizing the Top 10 students.
… "Who did it?" she asked. "How did they have access to do it? What is the school doing to prevent this from happening again?"
The school district isn't releasing any details until the investigation is complete.

So if your clients disclose breached records, you don’t have to?
Ugh. The FastHealth breach is still dripping out with yet more people first being notified. This time, it’s Cullman Regional.
There’s no provision in HITECH (at least as far as I know) that would require a business associate to make one public disclosure of how many patients, total, have to be notified about an incident. So some clients may choose to do their own notifications, while FastHealth may send notification letters to others’ patients.
How bad/extensive was the FastHealth incident? It would be nice to get a fuller picture/number.
Related Posts:

Why would a government entity be using gmail (rather than government hosted email) in the first place? Would any non-official (personal) email system be subject to a FOIA request just because the owner worked for the government and might have sent work related emails?
Gmail's 'Self Destruct' Feature Will Probably Be Used to Illegally Destroy Government Records
A new update rolling out for Gmail offers a “self destruct” feature that allows users to send messages that expire after a set amount of time.
While this may sound great for personal use, activists fear that government organizations will use the feature to delete public records to hide them from reporters and others interested in government transparency. Normally, government emails are available to journalists, researchers, and citizens using Freedom of Information Act requests (and its state-level analogues.)
“As more local and state governments and their various agencies seek to use Gmail, there is the potential that state public records laws will be circumvented by emails that 'disappear' after a period of time,” the National Freedom of Information Coalition wrote in a letter to Google CEO Sundar Pichai. “The public’s fundamental right to transparency and openness by their governments will be compromised.”
“We urge you take steps to assure the “self-destruct” feature be disabled on government Gmail accounts and on emails directed to a government entity,” the organization added.

Will we see more like this? to close to EU users saying it can’t comply with GDPR
Put on your best unsurprised face:, a company that has, for years, used the premise of ‘free’ but not very useful ’email management’ services to gain access to people’s email inboxes in order to data-mine the contents for competitive intelligence — and controversially flog the gleaned commercial insights to the likes of Uber — is to stop serving users in Europe ahead of a new data protection enforcement regime incoming under GDPR, which applies from May 25.
In a section on its website about the regional service shutdown, the company writes that “unfortunately we can no longer support users from the EU as of the 23rd of May”, before asking whether a visitor lives in the EU or not.
Clicking ‘no’ doesn’t seem to do anything but clicking ‘yes’ brings up another info screen where writes that this is its “last month in the EU” — because it says it will be unable to comply with “all GDPR requirements” (although it does not specify which portions of the regulation it cannot comply with).
… in fact if you go to the trouble of reading the small print of’s privacy policy it says it can share users’ personal information how it pleases — not just with its parent entity (and direct affiliates) but with any other ‘partners’ it chooses…
… So it’s not hard to see why has decided it must shut up shop in the EU, given this ‘hand-in-the-cookie-jar’ approach to private data.

This will be fun to watch.
UK regulator orders Cambridge Analytica to release data on US voter
… The test case was taken to the ICO by David Carroll, an associate professor at Parsons School of Design in New York. As a US citizen, he had no means of obtaining this information under US law, but in January 2016 he discovered Cambridge Analytica had processed US voter data in the UK and that this gave him rights under British laws. Cambridge Analytica had refused to accept this and told the ICO that Carroll was no more entitled to make a so-called “subject access request” under the UK Data Protection Act “than a member of the Taliban sitting in a cave in the remotest corner of Afghanistan”.
The ICO did not accept this as a valid legal argument and has now told SCL Elections, which acted as the data controller for Cambridge Analytica, that it has 30 days to comply or appeal. Cambridge Analytica and its affiliates announced this week that they had gone into liquidation, but the ICO has made it clear that it cannot avoid its responsibilities under UK law and states that “failure to comply with this enforcement notice is a criminal offence”.
… The covering letter from the ICO says that if Cambridge Analytica has difficulties complying, it should hand over passwords for the servers seized during its raid on the company’s office – something that raises questions also about what it has managed to retrieve from the servers so far.
… The company has claimed to have up to 7,000 data points on 240 million Americans, and if it refuses to comply with Carroll’s request or can be shown to have misused data, it could open itself up to class action from the entire US electorate – a fact that Dehaye suggests may have contributed to its decision this week to fold.

Cheap and easy. Maybe I’ll have my students try this to explain their research…
Create a Video Lesson Completely In PowerPoint
One of the easier ways to get started making your own video lessons is found within a tool that some of us have been using for decades. That tool is PowerPoint.
There is a screen recorder built into the current version of PowerPoint. The screen recorder will capture anything that you display on your screen and will record you talking about what is displayed on your screen. You can specify how much of your screen you want to have recorded. This means that you could use the screen recorder to record yourself talking over the slides that you have in a PowerPoint presentation.
Follow these steps to create a simple video lesson in PowerPoint:
  1. Create your slides in PowerPoint or open an existing PowerPoint presentation.
  2. Create a blank slide then select "screen recording" from within the "insert" menu.
  3. Drag and drop the "select area" tool to select the amount of screen space you want to have recorded. If you want to record your full screen, just drag the "select area" to the edge of your screen. (The select area tool launches automatically when you select "screen recording" as directed in step 2).
  4. Make sure that you have turned on the audio recording option and that your computer's audio input is working.
  5. Click the record button. All actions on your screen will be recorded including transitions between slides.
  6. When you stop recording, the video will be saved in your PowerPoint presentation. When you share your PowerPoint presentation anyone who has the current version of PowerPoint will be able to view the video.

It’s confusing to be followed by both Vladimir Putin AND the Pope.

No comments: