Skip to main content

Home/ WPPS C-Suite News/ Group items tagged california

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
sandy ingram

California Department of Public Health Breach Fines and Legally Defensible Security : I... - 0 views

www.infolawgroup.com/...nd-legally-defensible-security

california health breach

shared by sandy ingram on 28 Jun 10 - Cached
  • sandy ingram on 28 Jun 10
     
    The California Department of Public Health ("CDPH") recently announced its imposition of $675,000 in fines to six hospitals that had reported security breaches involving medical records (since January 1, 2009, the CDPH has issued fines totaling $1.1 million). The story has been extensively reported on in the media . You can listen to the CDPH's press conference here. The total number of records exposed was only 244, for an average fine of around $2,766 per record. To put that in perspective, if a California hospital suffered a breach involving 100,000 medical records, using the average stated here, their potential fines could be $276 million (assuming no cap for fines and penalties -- the relevant laws do have a cap of $250,000 per incident).
sandy ingram

California Choose Microsoft Cloud Services to "improve data security, simplify e-mail a... - 0 views

www.csc.com/...rvices_contract_for_california

cloud BPOS Microsoft IT Office 365 California proofpoint

shared by sandy ingram on 04 Dec 10 - No Cached
  • CSC (NYSE: CSC) announced today that the State of California awarded the company a contract to migrate its current multiple e-mail applications to a cloud-based solution with Microsoft Business Productivity Online Suite (BPOS)
  • Work under this contract will support Governor Schwarzenegger's executive order and the state's efforts to improve information technology (IT) infrastructure, increase government efficiency, save costs and consolidate IT functions under the Office of the State Chief Information Officer.
  • “This is part of our efforts to consolidate and standardize information technology infrastructure to reduce costs and enhance productivity,” stated Teri Takai, chief information officer of the State of California
  • ...4 more annotations...
  • CSC will provide Microsoft Cloud Services in a secure cloud environment offering comprehensive e-mail and legal eDiscovery services and collaboration tools for mobile users. CSC will also provide migration services to the new cloud solution and will standardize e-mail across all state agencies that select the service, potentially eliminating up to 130 e-mail systems that currently utilize three different e-mail platforms.
  • The Microsoft Cloud Services will improve data security, simplify e-mail administration, enhance agency collaboration and improve responsiveness to public information requests.
  • “California joins a growing number of state and local government customers across the country turning to Microsoft’s cloud-based software and services to maximize the return on their technology investment,”
  • said Gail Thomas-Flynn, vice president of State and Local Government at Microsoft.
  • sandy ingram on 04 Dec 10
     
    "CSC (NYSE: CSC) announced today that the State of California awarded the company a contract to migrate its current multiple e-mail applications to a cloud-based solution with Microsoft Business Productivity Online Suite (BPOS)."
sandy ingram

Amended SB1386 - Health care data security breach explained - 0 views

www.scmagazineus.com/...120069

hipppa SB1386 health training breaches

shared by sandy ingram on 01 Nov 08 - Cached
  • Health care data security breaches in the U.S.
  • New laws and regulations regarding data security breaches and disclosure laws affect the way in which health care organizations do business
  • Notifications can be delayed if law enforcement determines it could hinder a criminal investigation
  • ...11 more annotations...
  • he disclosure shall be made in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement, as provided in subdivision (c), or any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
  • Any agency that maintains computerized data that includes personal information that the agency does not own shall notify the owner or licensee of the information of any breach of the security of the data immediately following discovery, if the personal information was, or is reasonably believed to have been, acquired by an unauthorized person.
  • They need to implement proper security measures, like encryption,” Booz says. In addition, the law will require a new level of investment in training for customer service, sales, and other externally facing operations.
  • Individuals affected by data breaches that meet the personal information definition and notification requirements must be notified by using one of three methods: written notice, electronic notice with customer's consent, or substitute notice
  • The purpose of this rule is to secure personally identifiable information (PII) as it travels through the healthcare system. Healthcare organizations, including providers, payers, and clearinghouses, must comply with the Privacy Rule.
  • The new law requires all state agencies and companies that conduct business in California to notify residents when a breach of their medical information occurs.
  • A new California law requiring that customers be notified of a breach involving their medical information is likely to influence legislation in other states.
  • Between 2000 and 2007, nearly half of all health care security incidents that occurred in the U.S. were associated with hospitals.
  • Between 2000 and 2007, 40 percent of publicly known security incidents at health care organizations are classified as data breaches
  • Although data breaches (hackers, malicious employees, social engineering, etc.) only constitute 40 percent of incidents, they account for 57 percent of all records compromised, nearly two and a half times the next closest category.
  • This again speaks to the need for strong policies and procedures. If organizations did not allow sensitive data to leave their facility without being encrypted (for electronic data) or disposed of properly (for physical data), it could eliminate nearly a quarter of the incidents they would face.
  • sandy ingram on 01 Nov 08
     
    Notifications can be delayed if law enforcement determines it could hinder a criminal investigation
  • sandy ingram on 01 Nov 08
     
    A new California law requiring that customers be notified of a breach involving their medical information is likely to influence legislation in other states.
sandy ingram

IT worker gets prison after stealing data for online surveys - 0 views

www.computerworld.com/...ealing_data_for_online_surveys

Privacy Security Fraud employees identity theft medical

shared by sandy ingram on 02 Nov 10 - No Cached
  • Between January and April of this year, Giang filled out 382 surveys before the company that was paying for them, StayWell, figured out what was going on. StayWell had been offering UC employees the gift vouchers as incentives to fill out health surveys, but it grew wise to the scam.
  • Giang only used part of the Social Security numbers of his co-workers while filling out the survey, his lawyer states in a sentencing memorandum. "Mr Giang never intended to steal their identity, and other than losing the opportunity to participate in StayWell's marketing surveys, the victims did not lose anything," says the Oct. 20 memorandum asking the judge for probation instead of jail time.
  • sandy ingram on 02 Nov 10
     
    A former IT staffer has been sentenced to a year and a day in prison for stealing sensitive information belonging to his co-workers and using the data to make money filling out online health surveys. Cam Giang, 31, was fired from the University of California San Francisco Medical Center earlier this year after investigators discovered that he'd been using the names, birthdays and Social Security numbers of other UCSF employees to fill out hundreds of online surveys. The point was to collect online vouchers, worth US$100 each.
sandy ingram

The Fed 2011 Agenda: Rush to the Cloud ! - 0 views

www.drdobbs.com/...M4GKN3UNAEZQE1GHRSKH4ATMY32JVN

Best Practice cloud compliance

shared by sandy ingram on 03 Jan 11 - No Cached
  • The new 25-point plan establishes a Data Center Consolidation Task Force with a goal of reducing the number of data centers by 800 as of 2015.
  • The plan also touts scalability as a reason for embracing the cloud over traditional solutions. It cited the example of a private-sector company doing video editing that experienced a surge of demand and was able, using the cloud, to scale from 50 to 4,000 virtual machines in three days.
  • There's an expectation that moving applications such as e-mail to the cloud will facilitate data center consolidation and reduce IT budgets. Some federal agencies have already awarded contracts to move e-mail to the cloud. In addition, the government has selected a dozen vendors to supply Infrastructure-as-a-Service (Iaas).
  • ...6 more annotations...
  • Google and Microsoft want the government’s cloud business and they’ve undertaken a PR campaign including announcements of high-profile contract awards. The General Services Administration (GSA) recently awarded Unisys and Google a contract to host e-mail in the cloud. The US Department of Agriculture (USDA) selected Dell to supply Microsoft Online Services for the migration of 120,000 users and 21 e-mail systems to the cloud.
  • Microsoft was the winner of a Department of the Interior contract for moving e-mail to the cloud, a selection that Google protested. Google and its reseller, Onix Networking Corp, have filed suit against the Department of the Interior to overturn that selection.
  • Both Google Apps for Government and BPOS have been certified as being compliant with the Federal Information Security Management Act (FISMA). Being given FISMA Authority to Operate (ATO) is a certification the cloud infrastructure is a secure, trusted environment for government applications and databases they use.
  • The federal contracts for hosting e-mail in the cloud are not the first Big Government embrace of hosted e-mail. Microsoft reportedly has several hundred state and local agencies using its cloud services. New York City recently announced it will adopt Microsoft BPOS for 30,000 city users.
  • The State of California awarded a contract to Microsoft and Computer Sciences Corporation (CSC) for the migration of 130 of e-mail systems to Microsoft BPOS.
  • The State of Minnesota Office of Enterprise Technology (OET) announced an agreement with Microsoft to migrate Exchange e-mail and other communications services to BPOS in a private cloud.
  • sandy ingram on 03 Jan 11
     
    "In December 2010, the government's CIO, Vivek Kundra, released a 25-point plan for an overhaul of Federal IT that emphasizes a cloud-first policy for federal agencies. Currently the federal government is on pace to spend $79 billion on IT this year, with more than 20% going to infrastructure spending. Because the US government has spent $600 billion on IT over the past decade, the plan's intent is to reduce IT spending by the federal government."
1 - 5 of 5
Showing 20 items per page