Information Commissioner’s Office fines a Northern Ireland nursing home for breach of data security

August 28, 2016

A perennial problem in data security is staff taking data off site through lap tops and bring your own devices, usually USB sticks.  The problem is more than removing the data offsite though that can and is a real challenge in data management.  The significant issue is ensuring data is secure when it is off site.

The Information Commissioner’s Office (the “ICO”) has issued a Monetary Penalty Notice, fining a nursing home in County Antrim, Northern Ireland, £15,000 for failing to secure sensitive personal data.  The breach occurred Read the rest of this entry »

Hampshire County Council fined for leaving files with personal details in a disused building

August 24, 2016

Document management is the bane of many organisations.  Take that issue and put it on steroids and that is the scale of the potential disaster that awaits a breakdown in handling personal information.  Government agencies collect a large amount of personal information and are geared towards keeping detailed files.  That means a large volume of documentation.

The Hampshire County Council has been fined £100,000 as a result of 45 bags of confidential waste found in a disused building.  The documents contained sensitive information about adults and children in vulnerable situations.

It is a case of a failure to Read the rest of this entry »

The US Federal Trade Commission takes action against ASUS regarding misleading statements about data security

August 3, 2016

The Federal Trade Commission has finalised its orders against ASUSTek Computer arising out its failure to take reasonable steps to secure software on its routers despite make promises about security.  The terms of the settlement are onerous.  As they should be.  It would be Read the rest of this entry »

Data breach by the Victorian Department of Health and Human Services

July 12, 2016

Control of data and the consequential protection of privacy, is to a large degree dependent on staff receiving the proper training in information management and having an understanding of how the Privacy Principles operate.  The consequences of Read the rest of this entry »

The ease of hacking…article in The Australian

June 30, 2016

The Australian in How Nmap, SuperScan and others make hacking your details easy has a somewhat breathless coverage of how easy it is hack into web sites.  The coverage is not particularly new but it is again useful to set out the opportunities available to hackers, usually through the inadvertence or negligence of Read the rest of this entry »

French police hit by data breach

June 29, 2016

Data breaches can occur as easily in the public sector as the private sector.  In the public sector the consequences can be particularly worrying.  As with the personal details of 112,000 French police officers being put on line according to the BBC report French police hit by security breach as data put online.   This is all the more concerning given Read the rest of this entry »

A Digital Rights Commissioner..Yes according to the Greens…Chances less clear

June 25, 2016

The regulation of privacy and the various governmental agencies involved in some form of regulation or oversight of cyberspace, such as the E Safety Commissioner, has not been a hot button issue in this election.  In fact it has been a non issue.  At least thus far.

The Greens have released a policy calling for the establishment of a Digital Rights Commissioner.  More accurately it is a Human Rights Commissioner for digital rights.  This position will Read the rest of this entry »

InMobi agrees to pay $950,000 for tracking millions of consumer locations without permission

June 24, 2016

The Federal Trade Commission (“FTC”) brought a complaint against InMobi for tracking hundreds of millions of its consumers locations without permission. InMobi represented that it would only track consumers’ locations when they opted in for that function.  In fact the tracking device operated whether there was consent or not.  Worse, the tracking device operated when there was a specific denial of Read the rest of this entry »

A Current Affair “expose” of Westpac shows the impact of a data breach

June 23, 2016

A Current Affair has used a data breach to embarrass Westpac in piece titled  Bank Documents which aired on Tuesday night.  Some of the facts are contested and the motivations of the “whistle blower”, Read the rest of this entry »

Insider threats in the health sector are significant threat to privacy

June 20, 2016

The Health Sector is complex and data driven.  From a single doctor’s surgery to large teaching hospitals the amount of data collected is enormous.  There is highly sensitive personal information in a patient’s medical file and their financial information with billings details, medicare and health insurance information and employee records.  There is a trove of information kept on site.  Often medical information is Read the rest of this entry »