2020 was a wakeup call for more than healthcare pandemic preparedness. It also exposed some huge security and privacy vulnerabilities, that many cybercrooks have exploited thousands of times throughout the year, for remote workers; both those work-from-home (WFH) employees, along with those mobile workers who have largely been going under the CISOs’ and information security departments’ radars for the past two to three decades. Will cybersecurity and privacy pros heed the lessons learned from the awakening?
In my previous blog post, I described how one of my monthly Privacy Professor Tips readers recently sent me a question about some unusual coincidences where it seemed that home conversations and activities were then known and discussed by workers. When working from home, or mobile working while traveling, it is important to remember that cybercrooks and business competition are actively exploiting the vulnerabilities that are present in most home offices, hotels, restaurants, airports, and a long list of other locations where remote work occurs.
With what may be the majority of office workers throughout the world now working from home, cybercrooks and business competition are actively exploiting the vulnerabilities that are present in most home offices. This series of blog posts focus on fours ways in which digital spies enter home office areas, and some information security and privacy protections you can put in place to shut the holes in the digital pathways created into your organization through working from home office areas. Part 1 provides an overview of digital spies coming through IOT devices.
There will come the inevitable day when your organization will need to make a privacy breach notice. Will you be prepared and know what to do when this day comes?
All organizations need to identify and document all the outsourced and contracted entities that possess or otherwise access their information, in all forms. Here are some reasons why.
With the preponderance of people now taking photos and videos with their phones as part of their standard daily activities, the number of situations where healthcare workers are capturing images and posting on their Instagram, Facebook and other social media sites is dramatically increasing. What does this mean for compliance with the HIPPA Privacy Rule?
Is it a HIPAA violation to call out a patient’s full name in the waiting room? What factors go into deciding whether something like this is a HIPAA violation? The Privacy Professor Explains.
A right to audit clause is a good idea for all types of organizations, of all sizes, not only as a way to demonstrate due care, about also to to be proactive in preventing privacy breaches and security incidents. Here are the top reasons why you should have right to audit clauses within business partner contracts.
Eddie Tipton, an information security officer, was able to successfully rig the Hot Lotto random number generator and commit the largest lottery fraud in US History. How did he do it? The Privacy Professor explains.
During my work with a wide range of small to large organizations, in a wide range of industries, I’ve found there are some common reasons why encryption is not implemented. Here are the top four I’ve run across.