Wednesday, March 14, 2007

Sun CSO: Endless Internet Growth Keeps Security on Back Burner. Sun CSO: Endless Internet Growth Keeps Security on Back Burner. Q&A: Whitfield Diffie, chief security officer at Sun and co-inventor of public-key cryptography, talks about the state of computer security and Microsoft[base ']s role in it. [Computerworld Privacy News] 4:07:25 PM

Four Colorado Counties Placed on Election Watch List. Four Colorado Counties Placed on Election Watch List. Errors with voting machines, delays in voting, inadequate security cited. [GT: Security and Privacy] 4:04:05 PM

ID Fraud Manufacturing Ring Uncovered in Arizona. ID Fraud Manufacturing Ring Uncovered in Arizona. Three month investigation of Arizona Homeland Security Fraudulent Identification Task Force (AFIT) uncovers one of the largest manufacturers of fraudulent identification in Southern Arizona. [GT: Security and Privacy] 4:00:48 PM

Airport security targets the inside threat - CNN.com TAMPA, Florida (CNN) -- The Transportation Security Administration carried out surprise inspections on workers at five airports in Florida and Puerto Rico on Monday, one week after a baggage handler in Orlando allegedly used his airport credentials to smuggle more than a dozen firearms into a commercial jetliner. Some 160 TSA officers, backed by Federal Air Marshals and local police, searched airplanes for contraband, shined flashlights in airport vehicles and patted down contractor employees involved in airport security. The five airports inspected were in Tampa, Orlando, Miami, Fort Lauderdale and San Juan, Puerto Rico. The airport crackdown will continue through the week, spreading to other regions in the country as TSA increases random, unannounced searches targeting those who could misuse their access within the system. "We realize the insider threat is a real threat, and we have to address it," said TSA spokesman Christopher White. 3:58:40 PM

Latest ID-Theft Worry? Copiers. Latest ID-Theft Worry? Copiers. Digital photocopiers use hard drives to store data. If not properly secured, they can be vulnerable to data thieves. By the Associated Press. [Wired News: Security Blanket] 3:55:53 PM

Dispute surfaces over certification for personal health records n a rare instance of public dissent, an American Health Information Community AHIC) workgroup has split over whether to recommend that product certification be available for personal health record software. AHIC, a high-level advisory committee to the Department of Health and Human Services, sided with the majority on its Consumer Empowerment Workgroup and voted unanimously in favor of the certification recommendation. A minority -- five members of the 23-person workgroup -- took the position that certification would be premature and the top priority should be privacy and security policies for PHRs. "The risks [of certification now] outweigh any potential benefits," the dissenters said in a letter to AHIC. The workgroup's task is to foster widespread adoption of PHRs. One of its leaders, Dr. Rose Marie Robertson, told AHIC that the group believes PHRs will be more widely used if consumers do not have to sit at a computer and enter all their health information. Instead, the PHRs could be populated by data from doctors, health plans, drug stores, or elsewhere. 3:51:04 PM

Medical data on Blue Cross members may be lost | CNET News.com WellPoint, one of the nation's largest health insurers, has begun notifying 75,000 members of its Empire Blue Cross and Blue Shield unit in New York that a CD holding their vital medical and other personal information has disappeared. The information was on an unencrypted disc that a subcontractor recently sent to Magellan Behavioral Services, a company in Avon, Conn., that specializes in monitoring and coordinating mental health and substance abuse treatments for insurance companies. Empire began notifying the affected consumers by mail on Saturday that their records--including their names, Social Security numbers, health plan identification numbers and description of medical services back to 2003--had been lost. [...] Before shipping the information to Magellan, the coding and passwords that protect the privacy of the information was removed by a Magellan subcontractor, Lisa Ann Greiner, an Empire spokeswoman, said Tuesday. Janlori Goldman, the director of the Health Privacy Center, a nonprofit organization in Washington, said the error was an "egregious breach of privacy." She said that insurance companies were responsible under a federal privacy law for ensuring that their contractors use adequate security procedures. Greiner said that the subcontractor, Health Data Management Services, worked for Magellan, not Empire. "If any contract was breached, we are going to take direct action," she said. 3:45:41 PM

Photocopiers: The newest ID theft threat. Photocopiers: The newest ID theft threat. Photocopiers made in recent years often have hard drives that store what's been duplicated -- making them a potential target for identity thieves. [Computerworld Privacy News] 3:40:11 PM

CDT Calls for Judicial Approval of National Security Letters. CDT Calls for Judicial Approval of National Security Letters. CDT is calling on Congress to require judicial supervision of FBI requests for access to the sensitive records of US citizens to protect privacy and national security. Recent revelations regarding violations in the use of so-called "national security letters" have shown that no matter how many internal controls the FBI adopts, self-certification is not sufficient when the government is obtaining the sensitive financial and communications records of citizens. CDT believes Congress should reform the law and adopt a reasonable system of judicial checks and balances. [Center for Democracy and Technology] 3:35:59 PM

© Copyright 2007 Paul Hardwick. Last update: 3/18/07; 10:59:39 PM.