The Privacy Professor Blog

The Spies Who Eavesdrop on Your Work from Home: Part 2 – Apps

By Rebecca Herold | May 17, 2020

In my previous blog post, I described how one of my monthly Privacy Professor Tips readers recently sent me a question about some unusual coincidences where it seemed that home conversations and activities were then known and discussed by workers. When working from home, or mobile working while traveling, it is important to remember that cybercrooks and business competition are actively exploiting the vulnerabilities that are present in most home offices, hotels, restaurants, airports, and a long list of other locations where remote work occurs.

The Spies Who Eavesdrop on Your Work from Home: Part 1 – IOT

By Rebecca Herold | May 5, 2020

With what may be the majority of office workers throughout the world now working from home, cybercrooks and business competition are actively exploiting the vulnerabilities that are present in most home offices. This series of blog posts focus on fours ways in which digital spies enter home office areas, and some information security and privacy protections you can put in place to shut the holes in the digital pathways created into your organization through working from home office areas. Part 1 provides an overview of digital spies coming through IOT devices.

What Business Leaders Need to Know About Privacy Breach Notifications

By Rebecca Herold | April 18, 2020

There will come the inevitable day when your organization will need to make a privacy breach notice. Will you be prepared and know what to do when this day comes?

You Will Be Judged by the Company You Keep

By Rebecca Herold | April 4, 2020

All organizations need to identify and document all the outsourced and contracted entities that possess or otherwise access their information, in all forms. Here are some reasons why.

Fired Because Photo of Surgery Room Was a HIPAA Violation

By Rebecca Herold | March 28, 2020

With the preponderance of people now taking photos and videos with their phones as part of their standard daily activities, the number of situations where healthcare workers are capturing images and posting on their Instagram, Facebook and other social media sites is dramatically increasing. What does this mean for compliance with the HIPPA Privacy Rule?

HIPAA and Calling Out Full Names In Waiting Rooms

By Rebecca Herold | March 28, 2020

Is it a HIPAA violation to call out a patient’s full name in the waiting room? What factors go into deciding whether something like this is a HIPAA violation? The Privacy Professor Explains.

Why You Should Use a Right to Audit Clause

By Rebecca Herold | March 28, 2020

A right to audit clause is a good idea for all types of organizations, of all sizes, not only as a way to demonstrate due care, about also to to be proactive in preventing privacy breaches and security incidents. Here are the top reasons why you should have right to audit clauses within business partner contracts.

Revisiting the Theory for How Eddie Tipton Committed the Largest Lottery Fraud in History

By Rebecca Herold | March 25, 2020

Eddie Tipton, an information security officer, was able to successfully rig the Hot Lotto random number generator and commit the largest lottery fraud in US History. How did he do it? The Privacy Professor explains.

Top 4 Reasons Encryption Is Not Used

By Rebecca Herold | March 21, 2020

During my work with a wide range of small to large organizations, in a wide range of industries, I’ve found there are some common reasons why encryption is not implemented. Here are the top four I’ve run across.