SMB privacy: no free pass

Like larger enterprises, small and medium businesses (SMBs) collect personal information about their customers, employees, vendors and other stakeholders; it is just part of doing business. Establishing an SMB privacy program would be very beneficial for these businesses, but for the majority of ...

Keep your privacy policy simple

Earlier this week a photo was posted on Facebook that was intended to be shared just with friends. The photo was tagged with someone appearing in it allowing tagged person’s friends to see the photo. One friend of the tagged person re-posted the photo and before you know it the photo went v...

Don’t be too quick to publish a privacy notice

Having a privacy notice for customers to review is an essential part of any privacy program. When Delta Airlines added a privacy notice to their mobile app, “Fly Delta”,  to comply with California law, the policy did not reflect reality. When creating a privacy notice you need to say ...

Personal Information From Above

As a child growing up in New York City I always wanted to go to the Macy’s Thanksgiving Day Parade. The floats, the balloons, the clowns, the celebrities, the marching bands, the scraps of personal information….wait…personal information?

Intellectual Property and your Privacy Program

One of the people to follow on Twitter is John Fontana (@JohnFontana), a self described  “Evangelist for identity; also cloud, security for PingIdentity. ZDNet blogger. Tapping social media tools and reporting news of the day. Rando skier, cyclist”. In a recent exchange of tweets with...

Will Sandy cause a privacy nightmare?

The images coming from the New York metropolitan area this week have been mind numbing. Having grown up in the Rockaways has driven home the impact of the devastation that one storm has caused.  If you know of someone caught in the middle of all this, I hope they have fared well in the grand sche...

The value in personal information

Most of the broadcast news over the past few nights has understandably focused on Hurricane Sandy and the aftermath. However, it was another story that caught my attention because of the use of personal information by law enforcement. It reminded me that with all the privacy concerns we struggle ...

Having a privacy policy is just a start

Consumers, both business and individual, not only expect your organization to have a privacy policy, they also expect you to regularly train your staff, enforce the policy, and assess the overall health of the privacy program.. A company’s privacy policies, processes, and oversight reflect ...

Two reactions from customers to a data breach

TD Bank has notified their customers of a data breach through the  loss of a backup tape. Initial reports have said that the tapes contain  the account information and Social Security numbers of more than 267,000 customers on the US East Coast. The tape was not encrypted so, while the bank is una...