-
Privacy & Compliance
Jul 17, 2014
5 Things Privacy Experts Want You to Know About Wearables
There’s been a lot of news lately in the health and fitness wearables space. Apple just announced they’re releasing an app, called “Health,” as well as a cloud-based platform “Health Kit”. Somewhat related, Nike recently pulled the plug on its activity tracking Fuelband. The conventional wisdom is that fitness trackers are on the decline, while the wearables market in general —think Google Glass and the upcoming iWatch–is still waiting for its defining moment.
Michael Buckbee
3 min read
-
Privacy & Compliance
Jan 16, 2013
From the HIPAA Case Files: Jail Time, Fines, and Access Rights
While I was conducting some research on compliance laws for a customer, I found myself reviewing the penalties written into the 1996 Health Information Portability and Accountability Act, otherwise known as HIPAA. The act calls for health organizations “to maintain reasonable and appropriate administrative, physical, and technical safeguards to ensure the integrity and confidentiality of the information”. So far so good. But what happens when a hospital doesn’t comply with implementing these safeguards, or if a medical worker makes a wrongful disclosure by obtaining “individually identifiable health information relating to an individual”?
Michael Buckbee
3 min read
-
Privacy & Compliance
Nov 15, 2012
4 Secrets for Archiving Stale Data Efficiently
The mandate to every IT department these days seems to be: “do more with less.” The basic economic concept of scarcity is hitting home for many IT teams, not only in terms of headcount, but storage capacity as well. Teams are being asked to fit a constantly growing stockpile of data into an often-fixed storage infrastructure.
Rob Sobers
3 min read
-
Privacy & Compliance
May 15, 2012
Data Classification Tips: Finding Credit Card Numbers
4 Useful Regular Expressions and Algorithm Combinations for Finding Credit Card Numbers Data classification is a critical piece of the data governance puzzle. In order to be successful at governing data, you have to know—at all times—where your sensitive data is concentrated, unencrypted, and potentially overexposed.
Rob Sobers
1 min read
-
Privacy & Compliance
Nov 29, 2011
Authorized Access – Understanding how US laws affect your authorization policies
In 1986, the United States Congress passed the Computer Fraud and Abuse Act (CFAA). While the intent of these laws were originally to protect government computers and information from hackers, the laws have been applied to commercial interests, as well. Specifically, the Computer Fraud and Abuse Act subjects punishment to anyone who “knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value.” While it is not our position to advise clients on this topic, it is important to understand how the US Courts interpret the phrase “authorized access,” and “exceeds authorized access.”
Ken Spinner
3 min read
SECURITY STACK NEWSLETTER
Ready to see the #1 Data Security Platform in action?
Ready to see the #1 Data Security Platform in action?
“I was amazed by how quickly Varonis was able to classify data and uncover potential data exposures during the free assessment. It was truly eye-opening.”
Michael Smith, CISO, HKS
"What I like about Varonis is that they come from a data-centric place. Other products protect the infrastructure, but they do nothing to protect your most precious commodity — your data."
Deborah Haworth, Director of Information Security, Penguin Random House
“Varonis’ support is unprecedented, and their team continues to evolve and improve their products to align with the rapid pace of industry evolution.”
Al Faella, CTO, Prospect Capital