<html>
<body>
Not all states of USA have laws requiring responsible behavior after a
breach.<br>
Many of the laws are only enforceable against private corporations, not
government agencies.<br><br>
There are charts showing how these laws vary by state.<br>
See the links from
<a href="http://www.privacyrights.org/ar/ChronDataBreaches.htm" eudora="autourl">
http://www.privacyrights.org/ar/ChronDataBreaches.htm</a> such as
<a href="http://www.consumersunion.org/pdf/security/securityPA.pdf" eudora="autourl">
http://www.consumersunion.org/pdf/security/securityPA.pdf<br>
</a>* Pennsylvania is one of the 39 states requiring credit bureaus to
allow consumers to put a freeze on their credit. But the credit
bureaus supposedly also offer this to consumers in states not requiring
it. It costs $10 to place the freeze or termporarily lift it, if
the consumer is not yet an identity theft victim, as documented by a
police report, or is not a senior. The freeze expires after 7
years. The credit freeze must be requested in writing via certified
mail to each of the credit agencies, with various documentation as to who
we are.<br><br>
Al Macintyre<br><br>
, Rodney wrote:<br><br>
<blockquote type=cite class=cite cite="">, Henry Brown wrote:<br>
<blockquote type=cite class=cite cite=""><tt>The Department of Public
Welfare began mailing letters Wednesday warning the recipients to take
steps to protect themselves from identity theft, agency spokeswoman Anne
Bale said.</tt></blockquote><br>
This strikes me as odd and I have a couple of questions for the
group.<br><br>
1. If your data is lost and there is a clear "at fault" party
as seems to be the case here (the data was unencrypted) they isn't the
"at fault party supposed to provide ID theft protection? Is that a
law or just something done to reduce damages should they ever be sued
over release of personally identifiable information without informed
consent?<br><br>
2. If it is welfare rolls, then these people can't afford to do this on
their own, so again why isn't the state setting this up for
them?<br><br>
Rodney Wise <br>
_______________________________________________<br>
Dataloss Mailing List (dataloss@attrition.org)<br>
<a href="http://attrition.org/dataloss" eudora="autourl">
http://attrition.org/dataloss</a><br><br>
Tenable Network Security offers data leakage and compliance
monitoring<br>
solutions for large and small networks. Scan your network and monitor
your<br>
traffic to find the data needing protection before it leaks out!<br>
<a href="http://www.tenablesecurity.com/products/compliance.shtml" eudora="autourl">
http://www.tenablesecurity.com/products/compliance.shtml</a></blockquote>
</body>
</html>