A lot depends on why you think you’re training people. That motivation comes through in the attitude. And that attitude has a lot to do with how successful the training is. By my estimate, there are any number of nuanced attitudes but they more or less gravitate to one of three motives: We’re training you … Continue reading
Category Archives: Privacy
When is a breach notification not a breach notification (part three)?
When it is presidential primary news. When the “family feud” is more newsworthy than the data. When there are no less than four parties involved who one can identify as data custodians of one kind or another. In a single sentence, the incident can be described as follows (the four data custodians are numbered in … Continue reading
I am not a number, I am a data point
Identity has changed. The post-World War II generation was concerned about being identified as a number. The sight of emaciated humans with identifying numbers tattooed on their inner forearms made this very real and very scary. By the late 1960’s the TV show The Prisoner portrayed the hero objecting on a regular basis: “I am … Continue reading
Security and Privacy walk into a bar…
There can be no question that Security and Privacy are strongly related. It would be easier if they were the same thing. But they’re not, of course; there are differences. This blog has never shied away from stating the obvious. This post tries to enumerate the significant differences between privacy and security: I. They come … Continue reading
One hand washing the other
Can the HIPAA Security Rule learn something from the HIPAA Privacy Rule? When it comes to encryption at the application security level: yes. First, one of my particular soapboxes: in a world where medical records are increasingly found in digital form, the HIPAA Security Rule and the HIPAA Privacy rule cannot be minded by two … Continue reading
{Cyber Security} 