-
Overcoming Obstacles to Data Classification
A formal data classification scheme is fundamental to information security. Yet, many organizations--even those that profess a commitment to protecting company and customer information--fail to implement data classification. This article looks at the reasons that data classification can be difficult to develop and implement in practice and offers several practical guidelines to overcome these obstacles.
April, 2006
-
Protect Your Data With Efficient Encryption
Protecting sensitive data has become more difficult yet more important in the last few years. Threats to proprietary and personal information have grown more sophisticated as criminals and hostile political groups have begun to understand the value of the data. In many cases, the only adequate protection for data is encryption.
October, 2003
-
Build Credibility and Trust Into Your Website
The factors that encourage customers to interact frequently with a website revolve around the issues of credibility and trust. Marketers and customers are in conflict regarding the use of information. Online marketers would like to gather detailed information about their customers to be able to group them for targeted marketing and personalized offerings. Customers do appreciate personalization when it suits their needs.
August, 2003
-
Reorient Your Strategies to Capture E-Business Potential (2Q03)
During the dot-com explosion over $20 billion of venture capital was poured into e-business vendors, and companies spent an additional $50 billion of their own capital on the web. Less than 25% of this spending produced positive returns on investment. Now, however, is not the time to back away from e-business but rather to learn from the past and steer efforts toward what works well.
June, 2003
-
Internet Service Providers: Are User Identities Still Sacred? (May 2001)
Are user identities are still sacred? One federal court judge in Seattle believes so. In what free speech proponents are hailing as a major First Amendment victory, a federal court in Seattle recently held that an Internet Service Provider could not be compelled to disclose the identities of certain of its users.
September, 2002
-
Maintaining Online Privacy During the War on Terrorism (Nov 2001)
In the aftermath of the despicable terrorist attacks of September 11, the federal government moved quickly to propose legislation which would expand its authority to track certain types of information in connection with anti-terrorist investigations. Of course, in the Internet era, a major component of such expanded powers necessarily would relate to online activities. The prospect of increased monitoring quickly raises concerns among civil libertarians, businesses, and individuals alike. What will these mean for online business?
September, 2002
-
Questions and Answers on the Privacy Provisions of the Gramm-Leach-Bliley Act (Jan 2002)
Why does the Privacy Rule sometimes refer to consumers and other times to customers? Aren't customers also consumers? All customers are consumers, but not all consumers are customers. The rule distinguishes consumers from customers because it is the banks responsibilities to provide notices to consumers and to customers differ in several respects.
May, 2002
-
FTC “Operation Detect Pretext” (Apr 2001)
The staff of the Federal Trade Commission's Division of Financial Practices announced in January 2001 the beginning of "Operation Detect Pretext," an effort to protect consumers from firms that obtain their customer information under false pretenses--a practice known as "pretexting."
May, 2002
-
The Children’s Online Privacy Protection Act of 1998 (Jul 2000)
In June 2000 the United States Appeals Court ruled that the Children's Online Privacy Protection Act of 1998 (COPPA) was unconstitutional and violated the first amendment. There are mixed opinions about the ruling, but we suggest that all Web marketers remain in touch with the issue and understand the implications and requirements of COPPA.
May, 2002
-
First “Safe Harbor” Approved for Children’s Online Privacy Protection Act (Apr 2001)
In February 2001 The Federal Trade Commission announced that the Children's Advertising Review Unit of the Council of Better Business Bureaus (CARU), the children's arm of the advertising industry's self-regulatory program established in 1974, has been approved as the first "safe harbor" program under the terms of the Children's Online Privacy Protection Act. Safe harbor programs are industry self-regulatory guidelines that, if adhered to, are deemed to comply with the Act. This is the first COPPA safe harbor application approved by the Commission.
May, 2002
-
The European Union’s Privacy Initiatives (Jul 2000)
As the concern for privacy increases, governments around the world are working on legislation or have formed cross-border task forces to deal with privacy issues. We expect that the outcome of international privacy efforts will take several years to unfold and even longer to be implemented on a global basis. We also expect that national laws regarding privacy will continue to evolve around the world.
May, 2002
-
Employee Email and Internet Use Policies
Employees increasingly use email and the Internet while at work, both for work related purposes and frequently for personal use as well. The inability to distinguish between work and non-work related usage is sometimes problematic, and potentially exposes businesses to liability for a variety of claims from employees themselves, from clients, or even from third parties. Employers should be aware of the potential risks and of the measures that may help to decrease their exposure.
May, 2002
-
Medical Privacy in an Electronic Age—A Discussion of the Issues
As growing numbers of physicians, hospitals, pharmacies, and other health care providers start using the Internet to access patient records, increasingly large databases of patient information can be created and harvested. This trend towards quick and broad access to data has generated mounting public concern over the privacy and confidentiality of such information. Fortunately, technological tools exist which, if implemented, can actually provide greater security for electronic patient data than is generally available for paper-based records.
May, 2002
-
Summary of Regulation/HHS Fact Sheet
Each time a patient sees a doctor, is admitted to a hospital, goes to a pharmacist or sends a claim to a health plan, a record is made of their confidential health information. For many years, the confidentiality of those records was maintained by our family doctors, who kept our records sealed away in file cabinets and refused to reveal them to anyone else. Today, the use and disclosure of this information is protected by a patchwork of state laws, leaving large gaps in the protection of patients' privacy and confidentiality. There is a pressing need for national standards to control the flow of sensitive patient information and to establish real penalties for the misuse or disclosure of this information.
May, 2002