Group items tagged

"Medical records for about 15,500 Northern California Kaiser patients - about 9,000 of them in the Bay Area - were compromised after thieves stole an external drive from a Kaiser employee's car last month, Kaiser officials said Tuesday." Kaiser officials said the electronic device contained patients' names, medical record numbers and possibly ages, genders, telephone numbers, addresses and general information related to their care and treatment. No Social Security numbers or financial information was contained on the drive, and Kaiser officials said there's no evidence that the information has been used inappropriately. The device was not encrypted, but some of the information was password protected. Kaiser has sent letters to the 15,500 members and the employee, who Kaiser would not identify, has been fired.

Another hospital employee fired for inappropraite access of medical records. More damage to a medical group reputation because someone failed to get the message.

"The last quarter of 2009 should be partly remembered in the advertising community as a juncture when big agencies -- namely Omnicom Media Group, The Nielsen Company, and WPP -- announced consumer data mergers. The deals entailed the marriages of offline and online data and appeared to reveal a potentially major stepping stone in the evolution of "hyper-targeting." Some of the agencies have trumpeted their newfound ability to create consumer segments related to behavioral elements such as "passion points" (e.g., shown interest in electronics, photography, fantasy football, etc.), as well as geographic location, beverage preferences, favorite social media sites, activity levels at the sites, and so on. Augustine Fou, group chief digital officer for Omnicom's Healthcare Consultancy Group and a ClickZ columnist, said that while increased hyper-targeting would likely result from the data marriages, unresolved issues remain before the use of combined online/offline data is widely adopted by brands. "For example, as diverse data sets begin to be integrated, it will become painfully apparent what data can be integrated -- or not -- and specific tradeoffs will have to be made to move forward," he explained. "In particular, privacy policies of sites and ad networks will need to be revisited." The growing ability for marketers to target online ads using data gathered offline has generally raised concern among consumer privacy advocates. To that end, Fou suggested that brands are cautiously optimistic about hyper-targeting and slightly wary of public/consumer perception. "

Marriage of offline and online data sources to target advertising may make tracking more interesting for consumers and advertisers alike.

"The number of fraudulent IRS websites taken down in 2008 soared to 3,030, up more than 240 percent from 2007, according to a GAO analysis of Internal Revenue Service data, suggesting a sharp increase by criminals to draw unassuming taxpayers to faux tax agency websites to steal identities and money. In a Government Accountability Office audit, made public Thursday, the GAO credited the IRS for implementing programs to prevent, detect and resolve identity theft, but said the tax agency needs to do a better job in assessing the effectiveness of its initiatives. And, as it relates to potential online abuse, the IRS should be more consistent in enforcing security controls. "

Is the price to safeguard America's information systems and networks on a collision course with efforts to rescue the economy? One would hope not, but the $789 billion stimulus package that contains nearly $10 billions for IT-related projects offered very little for cybersecurity. Still, the president sees protecting government and private-sector information systems as crucial to the economic vitality of the country. So, when Acting Senior Director for Cyberspace Melissa Hathaway hands the President her recommendations on securing the nation's information infrastructure later this month, a sharper picture should emerge on how much money the government will need to spend to do just that. What Price Security? The government isn't a spendthrift in protecting its IT networks; it earmarked $6.8 billion a year on cybersecurity this fiscal year, up from $4.2 billion five years ago, according to the White House Office of Management and Budget. But is that enough? Appropriating money to find new and innovative ways to protect our critical information infrastructure doesn't seem to be a government priority, at least not yet. Of the $147 billion the government planned to spend on all types of research and development this fiscal year, only $300 million or 0.2 percent was slated for cybersecurity, according to the Securing Cyberspace in the 44th Presidency report issued by the Center for Strategic and International Studies. By comparison, the budget contained five times as much money $1.5 billion for nanotechnology R&D.

The European Commission started legal action against Britain on Tuesday for what the EU executive called a failure to keep people's online details confidential. EU Telecoms Commissioner Viviane Reding said the action related to how Internet service providers used Phorm (PHOR.L) technology to send subscribers tailor-made advertisements based on websites visited. Reding said Internet users in Britain had complained about the way the UK applied EU rules on privacy and electronic communications that were meant to prohibit interception and surveillance without the user's consent. "Technologies like Internet behavioural advertising can be useful for businesses and consumers but they must be used in a way that complies with EU rules," Reding said in a statement. "We have been following the Phorm case for some time and have concluded that there are problems in the way the UK has implemented parts of the EU rules on the confidentiality of communications," Reding said. She called on Britain to change its national laws to ensure there were proper sanctions to enforce EU confidentiality rules. Unless Britain complies, Reding has the power to issue a final warning before taking the country to the 27-nation EU's top court, the European Court of Justice. If it rules in favour of the European Commission, the court can force Britain to change its laws. (Reporting by Huw Jones, editing by Dale Hudson)

making best indexing in goggle and bing. RADJASEOTEA is a master of backlinks. You want indexing in goggle and bing. LOOK THIS www.fiverr.com/radjaseotea/making-best-super-backlink-143445

Two things to remember as you prepare to file your taxes: If you get an e-mail from the IRS, it's probably a scam. And don't forget the stamp. As the April 15 tax filing date nears, online tax-related scams tend to ratchet up, experts say. If you're not careful, you could lose a lot more than just the refund. "Filing your taxes online is extremely convenient, however if you want to maintain the privacy of your data, you need to ensure that you are connecting to the proper Web site, that the connection is using encryption, and that your computer is free from any malware. If any of these components are compromised then your data is not safe," Ryan Barnett, director of application security research for Breach Security, said on Friday. "This would be like going to an ATM machine to withdraw money and allowing everyone around you to see your PIN number as you punch it in," he added. Not only do people have to take precautions in storing and transmitting their data over the Internet, but they also have to be wary of social engineering-type ruses that scammers use to trick people into giving out their sensitive data. Probably the most common type of tax season scam is the fake IRS phishing e-mail. These e-mails will either claim to be a tax refund or an offer to help file for a refund, settle tax debt, or other aid. (Not long ago, scammers were offering economic stimulus payments, even before the plan was approved.) They will provide a link to a Web site where the visitor is prompted to type in personal data like a Social Security number. Don't trust it, experts say.

www.killdo.de.gg Most quality online stores. Know whether you are a trusted online retailer in the world. Whatever we can buy very good quality. and do not hesitate. Everything is very high quality. Including clothes, accessories, bags, cups. Highly recommended. This is one of the trusted online store in the world. View now www.retrostyler.com

The Oklahoma Department of Human Services (DHS) is notifying more than one million state residents that their personal data was stored on an unencrypted laptop that was stolen from an agency employee. The computer file contained the names, Social Security numbers, birth dates and home addresses of Oklahoma's Human Services' clients receiving benefits from programs such as Medicaid, child care assistance, nutrition aid and disability benefits, the agency announced Thursday. The computer, which was stolen when a thief broke into the car April 3 after the employee stopped on her way home from work, was password protected, and officials do not believe the burglar realized what he or she was stealing. Therefore, the risk of the data being accessed is minimal, according to the agency. "We feel this was not a situation where someone was targeting the agency or that information," DHS spokeswoman Mary Leaver told SCMagazineUS.com on Friday. "We feel it was random." Leaver said the state Office of Inspector General is conducting an investigation, out of which likely will come a mandatory review of information security policies. However, it is not believed the employee violated existing policy when the incident occurred, she said. News of the theft comes one day after the Ponemon Institute, in conjunction with Intel, released a study that found the average value of a lost laptop is $49,246. About 80 percent of the cost is related to the chance that a breach could occur, the study showed.

China has denied allegations that it hacked into a Pentagon IT system and recovered plans for the Joint Strike Fighter (JSF). The combat aircraft which is to be procured by Britain as well, is being produced by Lockheed Martin. In allegations first reported in the Wall Street Journal, hackers stole "several terabytes of data related to design and electronics systems". The most sensitive data however on weapons systems and its stealth technology was not breached since it is kept on computers not connected to the internet. IT experts have said that they suspect the hackers came from China although it will be difficult to identify their exact origins. Hacking into IT systems as complex as the DoD's would require the help and capabilities of another government. Recovering data on the JSF would allow countries or rogue groups who could face the aircraft in future conflicts to develop counter measures based on the aircraft's weaknesses. The Chinese strongly denied that the breach originated from their country. "China has not changed its stance on hacking. China has always been against hacking and we have cracked down very hard on hacking. This is not a Chinese phenomenon. It happens everywhere in the world," a spokesperson for the Foreign Ministry said. This is not the first time the JSF's security has been breached. Early on in the contract the DoD and Lockheed Martin admitted that there was no universal IT security policy for the 1,200 sub contractors and that leaks may have occurred. BAE subsequently admitted that their IT security for JSF material was lax and that leaks could have occurred. Britain is scheduled to buy 150 of the aircraft by 2018.

Don't underestimate the maddening complexity and considerable costs of digitizing health care records and processes. That was the overarching message from a dozen or so health care players, some of them doctors, following my recent column urging the industry to bring its IT practices into the 21st century. A few readers took issue with my labeling health care practitioners as "laggards." In fact, argues Dr. Daniel Essin, former director of medical informatics at Los Angeles County + USC Medical Center, "physicians are, and have always been, early adopters of technology." Essin, who's now chairman of an electronic medical records vendor, ChartWare, says many physicians have made multiple attempts to implement EMRs but failed. He cites six main reasons: * They can't articulate a set of requirements against which products can be judged. * EMR systems aren't flexible enough, requiring workarounds even before their implementation is complete. * There's a mismatch between the tasks products are expected to perform and the products' actual functionality. * Some systems are conceived as a "simple" add-on to the billing system. * System workflows consume way too much physician time and attention. * There isn't adequate integration between internal and external systems. Related to most of those obstacles is cost. One EMR kit at the entry level, offered by Wal-Mart's Sam's Club unit in partnership with Dell and eClinicalWorks, is priced at around $25,000 for the first physician and $10,000 for each additional one. After installation and training, annual maintenance and support costs are estimated at $4,000 to $6,500. That's still not chump change, especially for the smallest practices.

making best indexing in goggle and bing. RADJASEOTEA is a master of backlinks. You want indexing in goggle and bing. LOOK THIS www.fiverr.com/radjaseotea/making-best-super-backlink-143445

After Google issued an official raspberry to South Korea - by sidestepping its "real name" law by simply disabling comments and uploads - the Korean government has taken to pounding the table and turning beet red. Korean reporter Koo Bonkwo sent me an email with his latest report on the situation. The Hankyoreh reports that the Korea Communications Commission is "in an uproar" over Google's actions. According to an unnamed official at KCC: The people higher up said that they could not just leave Google alone and told us to find something to punish them with, so the related team is researching possible illegalities. At a meeting of a National Assembly committee that deals with communciations, KCC chairman Choi See-joong, railed to members: They are speaking as though Korea is a backwards Internet nation that is intensifying its Internet censorship. Why are you just standing around doing nothing?

Like this http://www.hdfilmsaati.net Film,dvd,download,free download,product... ppc,adword,adsense,amazon,clickbank,osell,bookmark,dofollow,edu,gov,ads,linkwell,traffic,scor,serp,goggle,bing,yahoo.ads,ads network,ads goggle,bing,quality links,link best,ptr,cpa,bpa. www.killdo.de.gg

Set of podcasts providing a road map through the 4th Amendment of the Constitution, particularly a 4th Amendment search. Intended to give you a step-by-step approach through the 4th Amendment to the Constitution of the United States as it applies to searches, your expectation of privacy and related issues.

making best indexing in goggle and bing. RADJASEOTEA is a master of backlinks. You want indexing in goggle and bing. LOOK THIS www.fiverr.com/radjaseotea/making-best-super-backlink-143445

Wikipedia told the controversial U.K. advertising firm Phorm on Thursday not to spy on Wikipedia's users, saying the company's plan to monitor what sites people visit on the net invaded people's privacy. Wikipedia now joins Amazon.co.uk in opting out of the Big-Brother-esque marketing scheme and creating the possibility of a mass opt-out by the net's largest websites. Phorm wants to pay ISPs -- such as British Telecom -- to let it build marketing profiles of its subscribers by installing boxes inside the ISP that monitor every url users visit and every search they run. Using those profiles, Phorm can charge advertisers high rates to serve targeted ads. But in an email sent Thursday, Wikimedia.org told Phorm not to record anything about urls from domains it controls, ranging from Wikiquotes to Wikipedia -- one of the most popular sites on the net. Phorm operates an opt-out system for sites and ISP customers, but it would be virtually impossible to verify if the company actually complied with such requests. "The Wikimedia Foundation requests that our web sites including Wikipedia.org and all related domains be excluded from scanning by the Phorm / BT Webwise system, as we consider the scanning and profiling of our visitors' behavior by a third party to be an infringement on their privacy," the email read, according to a Wikimedia blog post.

Like this http://cheaptravelbooker.com Like this http://cheaptravelbooker.com like this http://killdo.de.gg travel,hotel,fun,hotel new,new offer,hotel best,best hotel,hotel travel,seo,backlinks,edu,gov,ads,indexing,bookmark,killgoggle,gogglesuck,goggle bookmark,kill goggle,yahoo,bing,indexing,quality links,linkwell,traffic boster,index best

The Federal Trade Commission today announced that it has approved a Federal Register notice seeking public comment on a proposed rule that would require entities to notify consumers when the security of their electronic health information is breached. The American Recovery and Reinvestment Act of 2009 (the Recovery Act) includes provisions to advance the use of health information technology and, at the same time, strengthen privacy and security protections for health information. Among other things, the Recovery Act recognizes that there are new types of Web-based entities that collect or handle consumers' sensitive health information. Some of these entities offer personal health records, which consumers can use as an electronic, individually controlled repository for their medical information. Others provide online applications through which consumers can track and manage different kinds of information in their personal health records. For example, consumers can connect a device such as a pedometer to their computers and upload miles traveled, heart rate, and other data into their personal health records. These innovations have the potential to provide numerous benefits for consumers, which can only be realized if they have confidence that the security and confidentiality of their health information will be maintained. To address these issues, the Recovery Act requires the Department of Health and Human Services to conduct a study and report, in consultation with the FTC, on potential privacy, security, and breach notification requirements for vendors of personal health records and related entities. This study and report must be completed by February 2010. In the interim, the Act requires the Commission to issue a temporary rule requiring these entities to notify consumers if the security of their health information is breached. The proposed rule the Commission is announcing today is the first step in implementing this requirement. In keeping with the Recover

Like this http://cheaptravelbooker.com Like this http://cheaptravelbooker.com like this http://killdo.de.gg travel,hotel,fun,hotel new,new offer,hotel best,best hotel,hotel travel,seo,backlinks,edu,gov,ads,indexing,bookmark,killgoggle,gogglesuck,goggle bookmark,kill goggle,yahoo,bing,indexing,quality links,linkwell,traffic boster,index best

In a move that could reshape the federal government's cybersecurity efforts, President Obama on Monday said a former Booz Allen consultant would conduct an immediate two-month review of all related agency activities. The announcement indicates that the White House's National Security Council may wrest significant authority away from the U.S. Department of Homeland Security, which weathered withering criticism last fall for its lackluster efforts. Obama selected Melissa Hathaway, who worked for the director of national intelligence in the Bush administration and was director of an multi-agency "Cyber Task Force," to conduct the review with an eye to ensuring that cybersecurity efforts are well-integrated and competently managed. "The president is confident that we can protect our nation's critical cyber infrastructure while at the same time adhering to the rule of law and safeguarding privacy rights and civil liberties," said John Brennan, the president's homeland security adviser. Hathaway's appointment comes as Obama plans to overhaul the National Security Council, expanding its membership and effectively centralizing more decision-making in the White House staff. That would vest more authority in a staff run by James L. Jones, a former Marine Corps commandant who warned at a speech in Munich over the weekend that terrorists could use "cyber-technologies" to cause catastrophic damage. During a panel discussion that CNET News wrote about last fall, Hathaway defended Homeland Security's efforts to develop what it called a National Cyber Security Initiative, saying there was "unprecedented bipartisan support" for it. "Over the past year cyber exploitation has grown more sophisticated, more targeted, and we expect these trends to continue," she added. "Our cybersecurity approach to date has not kept up with the threats we've seen."

The recent U.S. stimulus bill includes $18 billion to catapult the health industry toward the world of electronic health records. This is sure to light a fire under every hungry security vendor to position itself as the essential product or service necessary to achieve HIPAA compliance. It should also motivate healthcare IT professionals to learn where their sensitive data is located and how it flows. To be sure, with federal money allocated through 2014 for the task of modernizing the healthcare industry there will be many consultant and vendor businesses that will thrive on stimulus money. Healthcare is unique in that storage of electronic health records is highly distributed between primary care physicians, specialist doctors, hospitals, and insurance/HMO organizations. Information has to be efficiently shared among these entities with great sensitivity towards patient privacy and legitimate claims processing. Patients want to prevent over zealous employers from performing unauthorized background checks on medical history; claim processors want to prevent paying fraudulent claims arising from targeted patient identity theft. The bill has two provisions which turn this into a tremendously challenging plan, and a daunting task for securing patient data: * Citizens will have the right to monitor and control use of their own health data. This implies a large centralized identity and access control service, or perhaps a federated network of patient registration directories. Authenticated users will be able to reach into the network of health databases audit use of their data and payment history. * Health organizations suffering loss of more than 500 patient records must publicly disclose the breach, starting with postings on the government's Health and Human Services website. This allows related organizations to trace the impact of the breach throughout the healthcare network, but care must be taken not to disclose vulnerabilities in the system to intruders

Days after Visa seemingly confirmed that a data breach had taken place at a third payment processor, following on the recent breach disclosures by Heartland Payment Systems and RBS WorldPay, the credit card company now is saying that there was no new security incident after all. In actuality, Visa said in a statement issued Friday, alerts that it sent recently to banks and credit unions warning them about a compromise at a payment processor were related to the ongoing investigation of a previously known breach. However, Visa still didn't disclose the identity of the breached company, nor say why it is continuing to keep the name under wraps. Visa said that it had sent lists of credit and debit card numbers found to have been compromised as part of the investigation to financial institutions "so they can take steps to protect consumers." It added that it currently "is risk-scoring all transactions in real-time, helping card issuers better distinguish fraudulent transactions from legitimate ones." Visa's latest statement follows ones issued by both it and MasterCard International earlier this week in response to questions about breach notices that had been posted by several credit unions and banking associations. The notices made it clear that they weren't referring to the system intrusion disclosed by Heartland on January 20 and suggested that a new breach had occurred.

We all like to think our privacy is absolute. But if your job involves working across borders, you'll want to talk about privacy as a matter of degree rather than as an uncompromising right. Why? Not only do you want to be seen as someone who can get things done globally, but you also may personally want to be part of advancing social objectives that are arguably as important as privacy. Have you ever had to re-architect your global rollout of PeopleSoft or Lawson because of European Union privacy concerns? Or adjust how your company offers technical support to medical products sold in Europe? Have you ever been part of acquiring a failing European company where the privacy of employee data was a final sticking point? If you've seen projects with obvious social benefit get held up by seemingly minor data-related questions, then you might have been running up against this notion of "nothing trumps privacy." It's a popular idea. The half-billion people of Europe do view privacy as a human right. And they're not the only ones. As one of the first acts of the UN, Eleanor Roosevelt and the U.S. delegation in 1948 lobbied for the global adoption of the Universal Declaration of Human Rights(UNDHR), whose Article 12 states, "No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation." With Europe and the UN using absolute-sounding language to describe a right to privacy, it's no wonder we have all of these delayed and downsized corporate projects. People are legitimately concerned about our sometimes reckless march into the Information Age, and they want to put some brakes on it. But does privacy trump all foes? I can think of at least six other equally important social objectives that regularly put limits on privacy: 1. Personal health. We all want to stay healthy - even when we lose the ability to communicate and give consent. Emergency-room personnel need access t

Nearly one week after news emerged of the big data breach at Princeton, N.J.-based merchant acquirer Heartland Payment Systems Inc., it remains unclear how much damage actually happened and who did it. One report suggests Heartland's breach-related legal liabilities could approach $98 million, an estimate a Heartland spokesperson dismisses as speculative. The spokesperson tells Digital Transactions News on Monday that the so-called "sniffer" program secretly planted on one of Heartland's payment-processing platforms was not being used when investigators found it about two weeks ago. "It was inactive," the spokesperson says. "I want to be specific to say it was inactive," he adds, clarifying that the hackers hadn't deliberately disabled or deactivated it. Robert Carr, Heartland's chief executive, meanwhile, issued a statement calling for better industry cooperation and new operational procedures to prevent future data compromises, including industrywide, end-to-end encryption to fully protect cardholder data. Heartland uses encryption, but industry procedures leave data unencrypted during one brief point of the authorization process-a weakness that hackers have learned to exploit. Carr also said Heartland is working on its own system of end-to-end encryption.

Eight years ago, a woman we'll call Sarah discovered that she was not biologically related to the father she had known all her life. Sarah, her mother revealed, was "donor-conceived." Her parents, after trying without success for a pregnancy of their own in the late 1970s, turned to a fertility center, where Sarah's mother was artificially inseminated with sperm from an anonymous donor. At the time sperm banks did not offer detailed donor profiles. Upon discovering the truth, Sarah was told what her parents had been told about her biological father: He was a medical student, possibly of Scandinavian ancestry. Sarah, who describes her family as "loving and stable," was shocked. Today she is also sick. A year before finding out about her conception, she began to experience severe, unexplained bladder problems. She has been seeing doctors at Johns Hopkins; so far they haven't figured out the cause. Recently married, Sarah worries that she may pass the illness on to future children. The medical history of her biological father could provide a crucial piece of the diagnostic puzzle. But in the early days of artificial insemination, clinics often shredded or burned files to ensure donor anonymity and client privacy. Sarah's father's identity may be locked away in storage somewhere, or it may have been destroyed. Although aware of the likely futility of her search, Sarah still continues-writing the clinic, nurses, her doctor-in the hope that someone can help. Faced with stories like this, the fertility industry and a few state governments are trying to come up with a way to ensure that future donor-conceived children will have access to their fathers' medical files. A national registry, for example, could allow banks to monitor how many times a man donates semen and how many children are born from his seed, to share updates about medical issues and to facilitate long-term research on health outcomes. But any such registry poses a threat to the p

THE Government is looking to develop a way to protect individuals' personal data that can 'best address' three issues. These are privacy concerns, commercial requirements and national interest. An inter-ministry committee is already reviewing the issue, said Minister for Information, Communications and the Arts Lee Boon Yang. 'As data protection is a complex issue, with extensive impact on all stakeholders, this review will take some time,' he said. He said this in a written reply to a question posed by Ms Lee Bee Wah of Ang Mo Kio GRC in Parliament on Monday. She had asked if his ministry will consider a comprehensive privacy law, and wanted to know what laws there are to protect people from spam mail and the unauthorised sale of personal information. Also, what about those whose photographs have been posted on blogs and other new media platforms without their authorisation, she had asked. This would be considered a 'civil matter', said Dr Lee. 'The aggrieved persons could first ask the site's webmaster to remove the pictures,' he said. 'As with matters relating to online libel and personal defamation, they could also seek professional legal advice to determine the most appropriate legal recourse.' As for the protection of personal data, the minister said that although no generic data protection law exists, such data is still protected. He listed the various measures that are already in place. For instance, there are 'strict provisions' in sectoral laws such as the Banking Act, and codes for medical professionals to protect sensitive financial and health information, he said. There are also other industry codes of practices against the unauthorised use of personal information, he added. For example. the Telecom Competition Code requires licensees to take 'reasonable measures' to prevent the unauthorised use of consumers' information. In addition, there is a voluntary privacy code, which has been adopted by many companies in the private sector, said Dr