Gather ye court victories while ye may
And this same court that smiles to-day
To-morrow will be kicking your butt!
More good news for the state of South
Carolina: a judge has dismissed
a lawsuit against them filed by former state Sen. John Hawkins
over their massive hack in 2011. Although the ruling is not yet
available online, Meg Kinnard of Associated Press reports:
In an order
obtained by The Associated Press, Circuit Judge G. Thomas Cooper Jr.
said the lawsuit had failed to prove that Gov. Nikki
Haley [She of “The Haley Effect” Bob] and other
government officials had harmed the public by conspiring to keep news
of the hacking secret. The order also said the lawsuit couldn’t
show [“had not shown” Bob] that anyone had been
harmed because of the breach.
“There is no
injury that the Court can currently remedy, as no actual harm has
been alleged,” Cooper wrote.
The media coverage does not indicate
the fate of the complaint against TrustWave, but in a tweet
responding to that question, Meg Kinnard indicated that claims
against TrustWave were also dismissed.
Of course, I don’t expect this to be
the end of litigation. As some people come forward to claim they
became victims of fraud or identity theft, I expect to see other
litigation against the state where they may be able to survive a
challenge on standing.
Does any law talk about how long
notification can be delayed? Or how promptly victims should be
contacted? Is there a neutral third party who could notify without
giving away details? (You're a victim, but we can't yet reveal the
source.)
Most people I know want law enforcement
to investigate some breaches and realize that, sometimes, that
results in delaying notification of those affected by a breach. But
when does delay in notification become unreasonable or too long?
Charles Sweeney reports
that Samaritan Hospital in Troy, New York delayed
notification from November 2011 – when it determined
there was improper access to a patient’s file – until
now because of a sheriff’s investigation. In this case,
an employee of Rensselaer County Jail seemingly
exceeded her authorized access to the hospital’s database. The
hospital reportedly did not notify HHS of the breach at the time on
the advice of their legal counsel. [Any reason mentioned? Bob]
So… is there ever a point where if an
investigation is taking time, patients should still be notified?
Isn’t the point of notification to protect and help the patient
whose PHI has been breached and who may be at risk of harm or adverse
consequences as a result of a breach? One might
think that if a breach is serious enough to trigger a criminal
investigation, it may also be serious enough to impact the patient.
If so, is notification delayed, notification denied?
HITECH requires covered entities to
notify individuals within 60 days, except that there is an exemption
for law enforcement investigations:
Section 164.412(a), which is based on
the requirements of 45 CFR 164.528(a)(2)(i) of the Privacy Rule,
provides for a temporary delay of notification in situations in which
a law enforcement official provides a statement in writing that the
delay is necessary because notification would impede a criminal
investigation or cause damage to national security, and specifies the
time for which a delay is required. In these instances, the covered
entity is required to delay the notification, notice, or posting for
the time period specified by the official.
From the wording, the intent was to
allow a temporary delay. Fourteen months is not a
temporary delay, and yet I can find nothing in HITECH that sets an
absolute limit.
I do not know why the hospital didn’t
notify HHS of the breach. I do not know why the sheriff’s office
took 14 months to investigate or whether any charges have been or
will be filed. All I know is that a 14-month delay in notification
doesn’t strike me as acceptable.
...and if the court says, “No?”
Think for a second about what a “significant interpretation”
might mean, e.g., is spying on Senators Okay?
Steven Aftergood writes:
Several members of
the Senate Intelligence Committee wrote to the Foreign Intelligence
Surveillance Court this month to ask the Court to prepare
summaries of classified opinions that represent significant
interpretations of the Foreign Intelligence Surveillance Act
in order to facilitate their declassification and public release.
Read more on FAS.
An entire new field with no recognized
“Best Practices” for security or privacy.
"Now that President Obama's
federal health care reform is past its major political hurdles —
and with renewed focus on out-of-control costs in healthcare —
companies
that sell 'big data' software are licking their chops. The
reason: Healthcare has huge piles of information that is being used
in new ways, to track patient admissions, spending, and much more.
From hospitals to insurance companies, they'll all need new ways of
crunching those numbers. It's basically an
entirely new field that will dwarf the spending growth in traditional
data-heavy industries like finance, retail and marketing,
a Microsoft regional sales GM says."
“Any sufficiently advanced technology
is indistinguishable from magic a threat to the
status quo”
"Organizations
like the EFF and ACLU have been raising
the alarm over increased government surveillance of U.S.
citizens. Legislators haven't been quick to respond to concerns of
government spying on citizens. But Texas legislators are apparently
quite concerned that private
citizens operating hobby drones might spot environmental violations
by businesses. Representative Lance Gooden has introduced HB912
which proposes: 'A person commits an offense if the person uses or
authorizes the use of an unmanned vehicle or
aircraft to capture an image without the express consent of the
person who owns or lawfully occupies the real property captured in
the image. ('Image' is defined as including any
type of recorded telemetry from sensors that measure sound waves,
thermal, infrared, ultraviolet, visible light, or other
electromagnetic waves, odor, or other conditions.)' Can you foresee
any unintended consequences if this proposal becomes law?"
Another reader notes that New Hampshire
has introduced a similar bill: "Neal Kurk, a Republican member
of New Hampshire's House of Representatives knows that those drones
present a growing privacy concern, and in response has introduced a
bill that would ban all aerial photography
in the state. That is, unless
you're working for the government. The bill, HB
619-FN (PDF), is blessedly short, and I suggest reading the whole
thing for yourself." Here's part of the bill: "A person is
guilty of a class A misdemeanor if such person knowingly creates or
assists in creating an image of the exterior of any residential
dwelling in this state where such image is created by or with the
assistance of a satellite, drone, or any device that is not supported
by the ground."
Buy my new T-shirt: “A paranoid
government is a dangerous government.”
Feds
Say Man Deserved Arrest Because Jacket Said ‘Occupy Everything’
A Florida man deserved to be arrested
inside the Supreme Court building last year for wearing a jacket
painted with “Occupy Everything,” and is lucky he was only
apprehended on unlawful entry charges, the Department of Justice
says.
The President Barack Obama
administration made that assertion in a legal filing in response to a
lawsuit brought by Fitzgerald Scott, who is seeking $1 million in
damages for his January 2012 arrest inside the Supreme Court
building. He also wants his arrest record expunged.
What’s more, the authorities said the
former Marine’s claim that he was protected by the First Amendment
bolsters
the government’s position (.pdf) because the
Supreme Court building’s public interior is a First Amendment-free
zone.
“Surprise, surprise, surprise!” G.
Pyle
"This last week, the Copyright
Alert System was rolled out. Now that everyone is getting a
better idea of what the alert system looks like, criticisms are
building against the system. Freezenet says that the mere fact that
ISPs are using a browser pop-up window opens
the floodgates for fraudsters to hijack the system and scam users
out of money. The EFF criticized the system because the educational
material contains numerous flaws. Meanwhile, Web Pro News said
that this system will
also hurt small business and consumers."
“Become a surgeon in your spare time!
Just knock out your neighbor, push this robot's button and remove
the organ of your choice!”
Law
firms seek victims of 'bad robot surgery'
… In a surreal twist to the ads you
often see for legal help with accidents, arrests, or debt, law firms
in Louisiana and Alabama are fishing for victims of what they call
"bad robot surgery."
The ad below from Becnel
Law Firm, LLC and Riley
& Jackson looks like something that would play in the
background of a sci-fi film, but it's serious. The campaign Web site
Badrobotsurgery.com says,
"Robotic surgery can severely injure the bowel, bladder, and
blood vessels. Some of these injuries can even occur without the
surgeon knowing it, which can lead to severe complications if left
untreated."
In a video on the site, Alabama surgeon
Francois Blaudeau says Intuitive Surgical's wildly popular da
Vinci robot surgery system has injured patients who are having
their prostate or uterus removed. He adds that the robot may not be
properly insulated, causing burns or "even vascular injuries
causing death."
Should be Okay as long as the “Oops,
I didn't mean to Click that!” button is still open source...
Amazon
Patents Gravity-Based Links to Pull You In
Amazon has patented a system that pulls
the pointer toward a link or button, just the thing to
help you click links — and buy products associated with those
links.
How else might this concept be used?
“Hopeless Quest: The Search for logic in Congress?”
"Scientists from Cancer
Research UK are working with Amazon, Facebook and Google to design
and develop a mobile game aimed at speeding up the search for new
cancer drugs. The first step is for 40 computer programmers,
gamers, graphic designers and other specialists to take part in a
weekend "GameJam" to turn the charity's raw genetic data
into a game format, with a working title of GeneRun.
'We're making great progress in understanding the genetic reasons
cancer develops. But the clues to why some drugs will work and some
won't are held in data that needs to be analysed by the human eye —
and this could take years,' said Carlos Caldas at Cancer Research
UK's Cambridge Institute. 'By harnessing the collective power of
citizen scientists we'll accelerate the discovery of new ways to
diagnose and treat cancer much more precisely.'"
For my Math classes...
How
Fast Would a Small Meteor Travel?
For my “Intro to IT” class.
… If you’re an avid user of RSS
readers, one solution to keep up with notifications is to load them
all into Google Reader (if you’re not a fan of Google Reader, we’d
definitely recommend Feedly
as a slick alternative when it comes to keeping up with RSS feeds).
The reason you might want to use a
method like this is for the convenience of having all of your
notifications in one place, and while you can keep up with what
people are saying to you, or writing on your wall – by not being
directly on your Facebook account or Flickr page, you can maintain a
certain level of productivity. If you don’t want to get sucked
into your social networks, just knowing what’s going on without
being able to interact can be a good way to stay up to date.
Another advantage to using RSS feeds to
keep up with your social network notifications is that if
Facebook or Twitter happen to be blocked by your ISP or at your place
of work, you can still see what other people are saying,
bypassing any sort of blocks that might exist.
Proof that “Ignorant” people vote!
(Some of them vote in the legislature...)
… The Oklahoma
legislature passed the HB 1674, the Scientific Education and Academic
Freedom Act this week (or as Esquire called it, the “Dare
To Be Ignorant Protection Act of 2013”), which prevents schools
from penalizing students for their stances on “controversial”
science topics like global warming and evolution.
… The Higher Learning Commission,
the regional agency that accredits the University of Phoenix,
has recommended that the institution be put on probation. According
to The
Wall Street Journal, “probation was recommended after a review
team concluded the University of Phoenix has ‘insufficient
autonomy’ from Apollo, its parent company and sole shareholder,
that complicates the board’s ability to manage the institution and
maintain its integrity.”
… ShowMe,
maker of an interactive whiteboard iPad app, has launched a
Kickstarter
campaign to fund a new app it’s building called Markup, which
will enable teachers to grade (essay) assignments (with a stylus) on
an iPad.