Thursday, April 23, 2009

Study: Lost Laptops = Big Bucks

From todays' IAPP bulletin,

The Mercury News reports on the results of an Intel-commissioned study on business costs associated with lost or stolen laptops. Over five months, researchers from the Ponemon Institute examined 138 lost-laptop incidents across 29 business and government organizations. The typical cost per laptop to employers was $49,246. Much of the expense derives from the valuable sensitive data contained on the missing machines. "With each lost laptop there is the risk that sensitive data about customers, employees and business operations will end up in the wrong hands," according to the Ponemon report. Full Story

Monday, April 20, 2009


As the American Recovery and Reinvestment Act of 2009 (ARRA), unfolds businesses are going to have to pay attention. This legislation will affect everyone in some way and knowledge of the law and how it pertains to business will be the responsibility of each individual business Board of Directors or owner.

The Department of Health and Human Services (DHSS), on Friday published guidance aimed at helping entities secure and protect health information. "Protecting patient privacy is a top priority and this guidance specifies proactive steps organizations can take to limit the potential harm a breach can cause," said HHS spokesperson Nick Papas. The guidance stems from requirements in the Health Information Technology for Economic and Clinical Health (HITECH) Act. It covers the standards for what makes PHI "secured," and a request for information related to the security breach notification requirements. Full Story

Just as the Red Flags Rule (FACTA) affects most businesses including those businesses who are not accustomed to FTC oversight, the HITECH Act will also impact the way businesses collect and use personal medical information.