Privacy Ref Blog

Big HIPAA 6

A few weeks ago, my wife and I decided to see a movie.  We both agreed on Big Hero 6, which is a Disney movie, but a quick look found that it was also based off a Marvel series as well.  I can say I enjoyed the film, but working in the privacy world on a daily basis got me thinking about one premise of the movie.  The robot in the film, which is designed and programmed to assist in medical care, can scan humans, discovering everything from small scratches and bumps to the amount of serotonin in your body at the moment.  That got me thinking about the implications to HIPAA or other privacy concerns that come with this.

Continue reading this post…

Posted on December 11, 2014 by Ben Siegel - No Comments

 


Lessons Learned (or Not) From the Target Breach

My shopping list was eclectic: a birthday toy for my nephew, shampoo, dog food, and some holiday themed hand towels.  I needed to make the most of my time and budget during this particularly hurried time of the year.  The most logical answer?  Yes, you guessed it.  Target.   As  much as I wanted to resist patronizing the store that had become the pariah of the privacy world, I gave in.  The giant red bulls eye beckoned me, promising to contain everything I needed (plus other items that I didn’t know I needed until I saw them on the endcaps), all in one convenient location.

Continue reading this post…

Posted on by Mariie Simonelli - No Comments

 


“Their Office Is Down the Hall”

A number of years ago, I sat in a conference room, slacked jawed, at a response given by a senior manager from an Information Technology team to a federal examiner.  The examiner, in an ad-hoc discussion about organizational structure and process, simply queried about the risk management processes used by the IT Team during development.  The response provided, “We don’t do risk.  Risk is managed by the Risk Management team,…their office is down the hall,” uncovered (for me) a general misunderstanding about what risk management is and how it is, or should be, implemented in each department, team, and/or business line throughout an organization.

Continue reading this post…

Posted on December 10, 2014 by Paul Gray - No Comments

 


Know who is calling

Thanksgiving has always been a good time to catch up with family and friends. One of the themes at our Thanksgiving table this year quickly became privacy. Continue reading this post…

Posted on December 5, 2014 by Bob Siegel - 1 Comment

 


Four takeaways from the Greater Miami Chamber of Commerce panel

I was honored to be part of the Greater Miami Chamber of Commerce hosted a panel discussion entitled The Convergence of Technology & Banking: Security & Compliance. The panel consisted of Andrew Obuchowski, Jr. of McGladrey LLP, Patrick Whelan of All Covered, Tom Neclerio of SilverSky, and me. While the subjects discussed were wide ranging, there were some themes that were repeated throughout the conversation. Continue reading this post…

Posted on November 17, 2014 by Bob Siegel - No Comments

 


Giving Privacy a Hand

Or just your finger in this case.

Today for lunch, I went to Wendy’s.  I strolled up to the counter and, when the cashier took my order, I noticed something awesome.  The person running the register had to use their thumb to access the terminal.  This is sheer genius, I had to know more.
Continue reading this post…

Posted on by Ben Siegel - No Comments

 


Change is Good, but Change is Difficult

One of the most important aspects of a privacy program is making sure that your customers and other stakeholders understand any changes that are made to your privacy policy and notice.  If they know what you are doing, and you are transparent about it, generally you will be able to have positive interactions with your customers and continue providing a great service.  Sometimes, though, it can be met with a lot of resistance.  I want to take a look at the latter, and see what we can learn.

Continue reading this post…

Posted on October 29, 2014 by Ben Siegel - No Comments

 


Breached: a round up of data breaches

Kmart, Goodwill, Home Depot, JP Morgan Chase, PF Chang’s, ACME Financial, Cedars Sinai, Supervalu (twice), Jimmy John’s, Dairy Queen and American Family Care are all included in the list of recently reported data breaches. These events should bring several questions to the mind of anyone overseeing a privacy program: Continue reading this post…

Posted on October 15, 2014 by Bob Siegel - No Comments

 


A First Timer’s Privacy Academy

Six months ago, I attended my first IAPP Summit in Washington D.C.  In September, I went to the 2014 IAPP Privacy Academy in San Jose; I have to say that I got a lot more out of this event.  This had very little to do with the actual content and people there, and more to do with my understanding and preparation for the event.
Continue reading this post…

Posted on October 14, 2014 by Ben Siegel - No Comments
Tags:

 


Is your organization prepared for a data breach?

Most companies have a crisis communication plan stashed somewhere. Whether it’s policies and procedures reviewed monthly or updated on a yearly basis, companies must prepare for worst-case scenarios. But has your company prepared for a data breach; when your customer’s private and financial information is compromised and/or stolen?
Continue reading this post…

Posted on by Dianna Fletcher - No Comments
Tags:

 


Next Page »

Subscribe to our mailing list

Please fill out the form below.

Required

Want to find out more?

Simply go to the contact page, fill out the form, and someone from Privacy Ref will be in touch with you. You can also send an email to info@privacyref.com or call (888) 470-1528.

News

October 15, 2014

Privacy Ref is proud to sponsor Data Privacy Day 2015
2014 was an eventful year with a lot of high profile data breaches and hacks. Privacy Ref has joined StaySafeOnline's campaign to bring awareness to the masses. Data Privacy Day is the 28th of January and we will be hosting webinars and participating in conversations to build better privacy for tomorrow!

Latest Blog Posts

December 11, 2014

Big HIPAA 6
A few weeks ago, my wife and I decided to see a movie.  We both agreed on Big Hero 6, which is a Disney movie, but a quick look found that it was also based off a Marvel series as well.  I can say I enjoyed the film, but working in the privacy world on a daily basis got me thinking about one premise of the movie.  The robot in the film, which is designed and programmed to assist in medical care, can scan humans, discovering everything from small scratches and bumps to the amount of serotonin in your body at the moment.  That got me thinking about the implications to HIPAA or other privacy concerns that come with this. Continue reading this post...

Lessons Learned (or Not) From the Target Breach
My shopping list was eclectic: a birthday toy for my nephew, shampoo, dog food, and some holiday themed hand towels.  I needed to make the most of my time and budget during this particularly hurried time of the year.  The most logical answer?  Yes, you guessed it.  Target.   As  much as I wanted to resist patronizing the store that had become the pariah of the privacy world, I gave in.  The giant red bulls eye beckoned me, promising to contain everything I needed (plus other items that I didn’t know I needed until I saw them on the endcaps), all in one convenient location. Continue reading this post...

Other Recent Posts

PRIVACY REF