[Dataloss] OT? GAO: Data breach Notification; Lessons Learned
richard titus
phystarus19 at earthlink.net
Mon May 7 13:07:46 UTC 2007
The current push to allow Federal employees to work from home or from remote locations clearly needs to be reexamined for its data security implications.
richard
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
----- Original Message -----
From: Al Mac
To: Data Loss Incidents
Sent: 5/5/2007 11:22:15 PM
Subject: [Dataloss] OT? GAO: Data breach Notification; Lessons Learned
I predict, that in the future, some of these lessons may be learned again.
Privacy: Lessons Learned about Data Breach Notification. GAO-07-657, April 30.
Much of this concerns internal prompt notification, like to law enforcement and within organizational hierarchy, getting correct names & addresses of who to notify and other legal complications.
The GAO report includes a summary of data breach incidents at 6 gov agencies (Depts of Agriculture, Defense, Education, Health+Human services, Transportation and Veteran's Administration) ... any here we did not already know about?
* 2006 Jan Farm Services FOIA contractor oops on 80,000 tobacco producers
* 2006 Mar Navy Marine Corps thumb drive lost 207,570 individuals
* 2006 May VA employee home burglarized affecting 26.5 million
* 2006 June National Student Loan CD lost in transit on 13,756 individuals
* 2006 June HHS contractor employee laptop stolen 49,572 Medicare beneficiaries
* 2006 Dec DoT laptop stolen from car parked in FL 133,000 commercial drivers & FAA pilot licensees
http://www.gao.gov/cgi-bin/getrpt?GAO-07-657
Highlights - http://www.gao.gov/highlights/d07657high.pdf
GAO conclusions specifically on VA data breaches.
http://www.gao.gov/highlights/d07532thigh.pdf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://attrition.org/pipermail/dataloss/attachments/20070507/1733f62f/attachment.html
More information about the Dataloss
mailing list