A HANDFUL OF 2012 PRIVACY AND SECURITY PREDICTIONS
Link: http://www.infolawgroup.com/2012/01/articles/information-security/a-handful-of-2012-privacy-security-predictions/Even though 2011 was an extremely active year on the information security and privacy fronts - with a blizzard of proposed legislation, near weekly front page data breaches and the continued full leap into the cloud with its securities issues - I predict that 2012 events across the privacy and data security landscape will make 2011 look like a walk in the park. A handful of thoughts on what 2012 may hold:
THE $100 BILLION PROBLEM NO ONE IS TALKING ABOUT
When we start to talk losses in hundred of billions of dollars, it's easy for our eyes to glaze over. It's a big number. Hundreds of billions is reserved for things like out-of-control healthcare costs.
Link: http://www.forbes.com/sites/ciocentral/2012/01/02/the-100-billion-problem-no-one-is-talking-about/
DATA BREACH NOTIFICATION COULD BENEFIT FROM FEDERAL ACTION
There is growing consensus that federal legislation is needed to address the 47 different state approaches to data breach notification, but passage of a comprehensive federal bill is less than certain, experts say.
Link: http://www.businessinsurance.com/article/20120101/NEWS07/301019997?tags=|299|303|335
UNHEALTH: 2011 SAW SURGE IN HIPAA COMPLIANCE ISSUES
It's one of the less pleasant healthcare trends of 2011: information is becoming less secure while enforcement is growing more stringent.
Link: http://www.forbes.com/sites/ciocentral/2012/01/02/unhealthy-2011-saw-surge-in-hippa-compliance-issues/
3 STEPS TO PROTECT YOUR COMPANY AGAINST DATA BREACHES
Data breaches are like lightning; they will strike, but you never know where. Some breaches result from negligence, inadvertent disclosure, but many are due to malicious activity. Thus the industry conversation has moved beyond "if" to the questions of "when," and "what is the impact?"
Link: http://www.forbes.com/sites/ciocentral/2012/01/02/3-steps-to-protecting-your-company-against-data-breaches/
ANAHEIM OFFICIAL ORDERS EMPLOYEES TO PURGE RECORDS
An Anaheim official sent an email this week to employees in the city's Planning Department ordering them to purge records deemed "old" or "unnecessary" and threatening "disciplinary action" if they did not do so.
Link: http://voiceofoc.org/oc_north/article_5c25d0c8-337e-11e1-a777-001871e3ce6c.html
STUDY: MEDICAL IDENTITY THEFT RISING SHARPLY
An overwhelming majority of healthcare providers-96 percent-admit that they have lost patients' medical data in the last two years, according to a newly released study. And the number of medical data breaches surged 32 percent in 2011, a worrisome trend as the healthcare industry pushes to digitize all medical records.
Link: http://www.credit.com/blog/2011/12/study-medical-identity-theft-rising-sharply/
TOP TEN CYBERSECURITY STORIES OF 2011
The year 2011 proved to be a busy one on the cybersecurity front, with significant attention being paid to attacks, breaches and general security issues.
Link: http://cybersecurityreport.nextgov.com/2011/12/top_ten_cybersecurity_stories_of_2011.php?oref=latest_posts
TOP 5 COMPLIANCE ISSUES INSURANCE COMPANIES WILL FACE IN 2012
Regulatory scrutiny of the insurance industry has never been more acute. Government regulators from a host of disparate disciplines are intensely focused on making sure we have the controls in place to avoid another financial meltdown.
Link: http://www.corporatecomplianceinsights.com/top-5-compliance-issues-insurance-companies-will-face-in-2012/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+CorporateComplianceInsights+%28Corporate+Compliance+Insights%29&utm_content=Google+Reader
CORPORATE RESPONSIBILITY AROUND DATA BREACHES IS CHANGING
Editor's Note: Peter Guffin will be presenting at the upcoming Privacy Plus Certification Workshop in Miami on January 24-25.
Companies that were victimized by data security breaches in the past were largely able to avoid liability. But that may be changing as a host of laws has been introduced in Congress to establish comprehensive federal data security laws.
LINK: http://www.mainebiz.biz/apps/pbcs.dll/article?AID=/20111226/CURRENTEDITION/312229990/0/CURRENTEDITIONDATES
FIVE QUESTIONS TO ASK ABOUT DATA CENTER OPTIMIZATION
In a down market, many organizations look to reduce costs. One tried and true method in cost reduction is to review existing IT operational procedures in order to determine where adding efficiencies may reduce operational budget requirements.
Link: http://blogs.computerworld.com/19490/five_questions_to_ask_about_datacenter_optimization
2012 RESOLUTION: FULL DISK ENCRYPTION ON ALL COMPUTERS
Privacy rights advocates at the Electronic Frontier Foundation (EFF) are urging computer users to adopt just one resolution in 2012: Commit to full disk encryption on every computer you own.
Link: http://www.zdnet.com/blog/security/2012-resolution-full-disk-encryption-on-all-computers/9876
ENTERPRISES NEED ENCRYPTION TO SECURE PRIVATE DATA
Concerns about data breaches and privacy violations would spur enterprises to adopt encryption and use it effectively, according to security experts.
Link: http://www.eweek.com/c/a/Security/Enterprises-Need-Encryption-to-Secure-Private-Data-151281/
THE DATA PROTECTION GAFFES OF 2011
A number of high profile organisations fell victim to sophisticated, targeted security attacks in 2011, proving that there are indeed bad guys out there trying their best to steal valuable information.
Link: http://www.information-age.com/channels/information-management/perspectives-and-trends/1682293/the-data-protection-gaffes-of-2011.thtml
PUT SECURITY BEFORE COMPLIANCE
If your business is covered by one of the many federal regulations mandating data security, you undoubtedly spend a significant amount of time ensuring that your company is in compliance. But all too many organizations are so focused on achieving compliance that they lose sight of the real goal-protecting the data.
Link: http://www.pcworld.com/article/247274/put_security_before_compliance.html
THE IMPORTANCE OF DATA CLASSIFICATION
Every piece of data is not created equal, and demands for data protection and storage capacity have been increasing exponentially. Many organizations, however, are not reacting fast enough to meet these demands.
Link: http://www.govinfosecurity.com/blogs.php?postID=1158
A LOOK AHEAD AT HEALTHCARE LAW, PRIVACY AND SECURITY
Industry experts representing healthcare law, privacy, security, regulatory and data breach were asked to forecast healthcare data trends for 2012. The overall forecast? Protecting patients' protected health information (PHI) should be viewed as a patient safety issue.
Link: http://www.net-security.org/secworld.php?id=12168
NAID ANNOUNCES RECENT CSDS DESIGNEES
More than 100 individuals have now earned the Certified Secure Destruction Specialist (CSDS) designation following the results of the most recent examination, according to the National Association for Information Destruction (NAID). The Phoenix-based association developed the CSDS program for secure destruction professionals to demonstrate their competencies in data protection legislation, secure destruction operations, physical security, records management, risk management, ethics and NAID certification.
Link: http://www.sdbmagazine.com/Article.aspx?article_id=123839
WHY INFORMATION GOVERNANCE MATTERS
(White paper download)
The chief executive officer of a large organization with multiple divisions and tens of thousands of employees across the United States is interested in minimizing the risk of lost records, reducing costs, and enhancing the ability of the organization's employees and customers to use the information and knowledge collected by the organization. The CEO asks each operating unit of the organization to update and enhance its records management policies and practices.
Link: http://www.martindale.com/legal-management/article_Mayer-Brown-LLP_1402404.htm
HOW TO SUCCEED WITH ELECTRONIC MEDICAL RECORDS
What separates those who realize the benefits of an EMR from those who don't? What are the critical success factors that can help ensure a practice's switch to EMRs is truly transformational?
Link: http://blog.softwareadvice.com/articles/medical/how-to-succeed-with-electronic-medical-records-8-tips-from-real-users-1010512/
STORAGE MANAGEMENT: 10 FACTORS THAT WILL IMPACT IT PROS IN 2012
A number of IT companies survey their customers and potential customers regularly to keep a handle on important new business requirements and trends, so they can update their products accordingly. Storage and information management software provider CommVault has released the results of its annual IT Spending Predictions Survey, detailing the storage purchasing plans, priorities and pressing issues facing IT organizations in 2012. One of the key points made in the survey is that IT storage pros will be walking a tightrope as they try to balance the need to drive projects to fruition while managing and protecting increasingly massive amounts of data.
Link: http://www.eweek.com/c/a/Data-Storage/Storage-Management-10-Business-Factors-That-Will-Impact-IT-Pros-in-2012-181588/