Breach Database Purpose of Our Session: - present examples of breaches in the educational area - identify the impact of privacy breaches - use the breach.

Slides:



Advertisements
Similar presentations
Protect Our Students Protect Ourselves
Advertisements

Identity theft Protecting your credit identity. Identity Theft Three hundred forty three million was lost from consumers in 2002 The number of complaints.
Part I: Making Good Online Choices
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
HIPAA THE PRIVACY RULE Reviewed December HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti-
Presented By Drexel and FMFCU.
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
1. What is Identity Theft? 2. How Do Thieves Steal An Identity? 3. What Do Thieves Do with Stolen Identities? 4. What Can I Do To Avoid Becoming a Victim?
Protecting Your Identity: What to Know, What to Do.
Deter, Detect, Defend: The FTC’s Program on Identity Theft.
Identity Theft. MIS Training Institute, Inc.Section X - Slide 2CS1 053 ©Network Security Services, LLC Outline n Definitions n Methods used n Ways to.
BEWARE! IDENTITY THEFT CARL JOHNSON FINANCIAL LITERACY JENKS HIGH CSHOOL.
Fraud, Scams and ID Theft …oh my! Deb Ramsay ESD 101 Chief Information Officer Technology Division.
Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.
What is identity theft, and how can you protect yourself from it?
1.3.1.G1 © Family Economics & Financial Education – Revised October 2004 – Consumer Protection Unit – Identity Theft Funded by a grant from Take Charge.
Protecting the Confidentiality of Social Security Numbers Business Procedures Memorandum 66 Revised November 1, 2006 The University of Texas System.
SAFEGUARDING DHS CLIENT DATA PART 2 SAFEGUARDING PHI AND HIPAA Safeguards must: Protect PHI from accidental or intentional unauthorized use/disclosure.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,
© Oklahoma State Department of Education. All rights reserved. 1 Beware! Consumer Fraud Standard 9. 1 Fraud and Identity Theft.
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
How To Protect Your Privacy and Avoid Identity Theft Online.
COMM 1010 Presentation By: Gina Haws Information for the presentation obtained from EVERYTHING YOU SAY, POST OR DO ON THE INTERNET CAN PUT YOU AT RISK.
OCPA NEIGHBORHOOD WATCH PROGRAM THE OHIO CRIME PREVENTION ASSOCIATION IDENTITY THEFT.
Practical Information Management
 Computer Hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose.  the act.
HIPAA PRIVACY AND SECURITY AWARENESS.
3.1.G1 © Family Economics & Financial Education – Revised October 2004 – Consumer Protection Unit – Identity Theft Funded by a grant from Take Charge America,
Identity Theft  IDENTITY THEFT occurs when someone wrongfully acquires and uses a consumer’s personal identification, credit, or account information.
Electronic Safety Keeping yourself safe on the internet and cell phone Intended for Grades 4-5.
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
Privacy and Information Management ICT Guidelines.
Safeguarding Your Privacy Section 1.3. Safeguarding Your Privacy 1. What is Identity Theft? 2. Research a story on identity theft and be prepared to report.
PRIVACY IN COMPUTING BY: Engin and Will. WHY IS PRIVACY IMPORTANT? They can use your computer to attack others (money, revenge) They can use your computer.
© Oklahoma State Department of Education. All rights reserved. 1 Beware! Consumer Fraud Standard 9. 1 Fraud and Identity Theft.
HIPAA THE PRIVACY RULE. 2 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti- depressant medications.
3.05 Protect Your Computer and Information Unit 3 Internet Basics.
Topic 5: Basic Security.
By: Bonnie Vo Identity Theft Identity theft is the possession of another person’s personal information for criminal purposes. Identity Theft: What is.
Jeff loses his identity! Lesson 8: Identity Theft.
You. are at risk for the fastest growing crimes crime.
Identity Theft What is it, is identity theft really a problem, how can I protect myself, what do I do if my Identity is stolen.
Electronic Safety Keeping yourself safe on the internet and cell phone Intended for Grades 4-5.
Cyber Safety Mohammad Abbas Alamdar Teacher of ICT STS Ajman – Boys School.
Shaun McGorry Executive Briefing July 30, 2009 Identity Theft.
INTRODUCTION & QUESTIONS.
LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.
Computer Crime: Identity Theft, Misuse of Personal Information, and How to Protect Yourself (Tawny Walsh, Irina Lohina, Renair Jackson, Jahmele Betterson,
Protecting Yourself from Fraud including Identity Theft Personal Finance.
Personal data protection in research projects
Computer Laws Data Protection Act 1998 Computer Misuse Act 1990.
Identity Theft PD Identity Theft Identity theft is a serious crime which can: Cost you time and money Destroy your.
Protecting Yourself from Fraud including Identity Theft Advanced Level.
Unit Five Your Money – Keeping It Safe and Secure Identity Theft Part II Resource: NEFE High School Financial Planning Program.
Final HIPAA Rule Special Training What you need to know to remain compliant with the new regulations.
HIPAA Training. What information is considered PHI (Protected Health Information)  Dates- Birthdays, Dates of Admission and Discharge, Date of Death.
Jeff loses his identity! Lesson 5: Identity Theft.
WHAT YOU NEED TO KNOW Chevron Federal Credit Union Great Rates. Personal Service. chevronfcu.org  
PRESENTED BY: ASHLEY CLOUSER (CONNER) Identity Theft.
Protecting Your Identity:
Protecting Yourself from Fraud including Identity Theft
Protecting Your Identity
Protecting Yourself from Fraud including Identity Theft
Protecting Your Credit Identity
Move this to online module slides 11-56
Protecting Yourself from Fraud including Identity Theft
Founded in 2002, Credit Abuse Resistance Education (CARE) educates high school and college students on the responsible use of credit and other fundamentals.
Presentation transcript:

Breach Database Purpose of Our Session: - present examples of breaches in the educational area - identify the impact of privacy breaches - use the breach data base as a teaching tool for in-service

The Database - Consists of some 32 examples of education related privacy breaches categorized into 7 areas - Internet links for each breach allow for a review of the specific breach and required action on the part of the institution - Additional resources and external links conclude the database - Individual breaches can be examined to highlight the specific nature of a privacy breach Education Focused - Privacy Breach Database:

The Database Hackers Compromise 160,000 Student Healthcare Records at Berkeley, Mills College student-healthcare-records-berkeley-mills-college Hackers Steal Information for Over 70,000 Students/Alumni from Brock University Southern Connecticut State University Servers Compromised by Spam Operation Potentially Exposing the Data of 11,000 Students ment_university_warns_of_data_breach.html Malicious Computer Data Breaches:

The Database Austin University Student Hacks in his School’s Computer System, Accessing Over 50,000 Social Security Numbers & Other Data Potentially 400,000 Student Records Breached When San Diego University Server Is Infiltrated Malicious Computer Data Breaches:

The Database Faculty Member at an Ohio University Accidentally Places Social Security & Grade Report Online – Data is Public for Over 3 Years before Being Noticed A City College in Edmonton Accidentally Makes Student Data Available Online – Data Included Credit Cards, SIN Numbers, Signatures, Etc. Student Aid Records for 90 Individuals in Newfoundland were Publicly Exposed Due to a Security Hole in an Online Database Hundreds of McGill Student Academic Records Accidentally Made Public on School Website Accidental Computer Data Breaches:

The Database Teacher in Manchester, England Accidentally s Attachment with Student & Employee Data to Hundreds of Other Students & Employees breach.html Four University of Texas Professors Accidentally Posted the Private Data of Thousands of Student Online Personal-Information-Accidentally/VQQrtNfAc0WcWgWzVtMU1g.cspx Ryerson University Software Glitch Accidentally Posts Student Data Online – Issue Not Correct for Weeks after the School was Informed of the Breach immature-it-analyst-says/ Western University Exposes the Data of Over 1,000 Graduate Students - Data was Posted on an Unsecured Portion of Western’s Website izes_for_privacy_breach_ / Accidental Computer Data Breaches:

The Database Laptop with the Data of Over 98,000 Students Stolen from the Graduate Admissions Office of Berkeley University Newfoundland School Board Found in Violation of Privacy Laws After Stolen Laptop Exposed the Records of 28,000 Students theft-privacy.html Entire Student Roll at College in Nassau New York Stolen from Administrative Office – Over 21,000 Students Affected Two University of Alberta Hospital Laptops Stolen – Over 300,000 Affected theft.html Malicious Physical Document & Data Breaches:

The Database Sensitive Student Information Found Along Road from Nashville, TN High School (Video Report Included) Keller, TX High School Mails Incorrectly Addressed Private Data to Hundreds of Students New York City School Accidentally Leaves 12 Boxes of Student Records on Curb 2C1A9629C8B63 Tennessee State University Employee Misplaces Flash Drive with Social Security Data Of Over 9,000 Students Accidental Physical Document & Data Breaches:

The Database College Student Data Intended to be Shredded is Discovered Off-Campus Hard Drive at Colorado University Goes Missing – Potentially Exposing 15,790 Students news0028.htm Accidental Physical Document & Data Breaches:

The Database Story about Teacher in Quebec Negatively Affected by Cell Phone Video of Her Posted on YouTube by Students Stanford University Fights for Privacy Rights of Student Pictures Posted Online in/article.cgi?f=/c/a/1999/09/23/MN55114.DTL&type=printable Article on Benefits and Perils of Video Cameras on School Buses may-be-wired-for-surveillance-privacy-experts-warn-of-perils.html Visual Privacy:

The Database English Newspaper is Censured for Posting Student Photos Online Without Permission Article on the Quebec Student Known as the “Light-Sabre Kid” vacy_090318/ ?hub=SciTech Visual Privacy:

The Database City of Regina Accidentally Gives Out Extraneous Data to Outside Researchers Exposing Thousands information.html YouTube and Viacom Agree to Mask Viewer Data Anonymous Information:

The Database An Article on Google, Lakehead University and Their Connection to the U.S. Patriot Act CBC Article on Health Records Vs. The Patriot Act Data Storage Locations:

The Database “Data Loss Database” Searchable Database of over 2,500 privacy breaches from across the world, affecting almost 5 million records. Additional Resources:

The Database Privacy Rights Clearinghouse Chronological Database of Hundreds of Privacy Breaches Additional Resources: IPC Information and Privacy Commissioner of Ontario

Media Reports excerpt: January 28th is Data Privacy Day around the world, a day dedicated to raising awareness about protecting personal information, especially online. The article contains a list of the major data privacy issues today, according to the privacy commissioner's office. This is a short sample: - New technologies emerge daily, but often personal information is required to use them. Consider how much information you have handed over to play online games, join social networks or even shop online. And what happens if the information ends up in the wrong hands? - Watch out for fraudulent s, be on guard against phishing -- lying about the real reasons someone is data mining -- and much more. Hamilton Spectator - Jan.28, article/713274

Media Reports “Privacy czar launches investigation over personal-settings tool” Privacy commissioner Jennifer Stoddart said yesterday the complaint focuses on a personal-settings tool introduced by Facebook last month. The complainant alleges new default settings would have exposed his information to a greater degree than settings he had previously put in place. Elizabeth Denham, the assistant privacy commissioner, said in a news release the grievance echoes other concerns expressed in recent months. "Some Facebook users are disappointed by certain changes being made to the site -- changes that were supposed to strengthen their privacy and the protection of their personal information." Hamilton Spectator - Jan.28, article/713275

Identity Theft “Identity Theft is much more than credit & debit card skimming. It is the unauthorized collection and fraudulent use of someone else’s personal information.” Hamilton Police Department Definition

- Thief obtains a credit card in victim’s name using personal information. - Thief calls victim’s credit card company and pretending to be the victim. - Thief changes the address on victim’s credit card account. In this instance victim may not know of theft for quit some time. - Thief obtains a cell phone account in victim’s name using stolen identification. - Thief opens a bank account in victim’s name using stolen identification. - Thief steals credit or debit card information from victim’s card. The thief then manufactures a forged card and attacks victim’s account. Types of Identity Theft: Identity Theft

- Identity theft, skimming and other crimes related to criminals getting your personal information is the fastest growing and costliest consumer crime in North America - Identity theft crimes have grown 100% every year since 1997, the year that this type of crime began to be taken seriously - In 2003 (the most recent year stats were available), identity theft cost the Canadian Economy 2.5 billion dollars, and has only risen from there - Canadians have a 1 in 10 to 1 in 20 chance of being victimized by Identity Theft in their lifetime. By comparison, your chance of being physically victimized (via assault, robbery, etc.) in your lifetime is much less than 1 in 100. Some Facts about Identity Theft: Identity Theft Source: Hamilton Police Dept.

- Place passwords on your credit and debit cards and change these often. Avoid using easily available information, ie: birthdate and phone numbers as your password. - Secure personal information in your home. - Don’t give personal information out over the phone, through the mail or over the internet, unless you initiate the contact. - Guard your mail and your trash from theft. Deposit outgoing mail at the post office or secure box instead of an unsecured mailbox. Remove mail from your mailbox promptly. Put your mail on hold if you are going to be away. Law Enforcement Suggestions on How To Avoid Identity Theft: Identity Theft Source: Hamilton Police Dept.

- Shred all mail and paperwork that contains personal information. -Do not carry your SIN card on your person; keep it in a safe place. This should also be so for any identification not needed on a daily basis. - When using you debit or credit card always keep it in your view, watch the clerk as they process your card and always protect you PIN. Law Enforcement Suggestions on How To Avoid Identity Theft: Identity Theft Source: Hamilton Police Dept.

Breakdown

- Select a data base item from the one of the 7 areas - Connect to the internet through the link - Printed examples will be used in the workshop - Review with staff the event, nature of the breach and type of information compromised by this breach - Pose the following questions for discussion: a) Was the information of a nature that could compromise the identity of the individual? b) Could the information be used for malicious purposes? c) Are there legal implications for our organization due to the loss of this data? d) Have we followed the necessary steps to inform the parties of the loss of this information? e) Have we done or can we do anything to re-secure this information Teacher In-service Using the Breach Database Using The Database

Now It’s Your Turn: Using The Database Create a group for discussion purposes: Your board team, or a group of 5 or 6 1)Select a breach from the database. 2)Review the breach on the internet or use one of the printed examples. 3)Pose the questions. 4)Be prepared to report your discussion (20 minutes). 5)Each teams reports will be posted.

Best Practices to Prevent Breaches: Using The Database Resources available for use in teacher in-service: - Privacy videos found on the London region MISA website - Teacher videos - Administration and Central Staff videos (Principals) - I.T. Videos - MISA Breach database found in pdf. format on the MISA website resources - PIM Guidelines

Physical Document & Data Protection for Teachers PIM Videos Click image to stream video in Media Player. Or visit the link below:

Digital Data Protection for Admin/Staff Click image to stream video in Media Player. Or visit the link below: PIM Videos

Discussion Questions for Teachers Physical Document & Data Video: 1. Is there a clear purpose for each type of personal information that I collect, use, retain, or disclose? 2. Do I know when it is appropriate to destroy personal, confidential, or sensitive information? When destroying such information, do I place it in the appropriate shredding bins? 3. Are Ontario Student Records (OSR) and Office Index Cards securely stored in the main office of the school and are only accessible by authorized personnel in the main office of the school. 4. Do I ensure that information about a student(s) is shared only with other staff in the school who are assigned to work with the student(s), and only as needed to improve the education of the student(s). PIM Videos

Discussion Questions for Admin/Staff Digital Data Protection Video: 1. Have I safeguarded all electronic personal information records maintained in password-protected databases? 2. Do I refrain from storing personal, confidential, or sensitive information on a Shared Network Drive? 3. Do I immediately pick up any personal, confidential, or sensitive records sent to printer or photocopier or received by fax? 4. Before sending personal, confidential, or sensitive information via , have I considered taking precautions such as removing personal information? continued... PIM Videos

Discussion Questions for Admin/Staff Digital Data Protection Video: 5. Are computer access rights reviewed and updated regularly to ensure that I do not have access to personal information that I do not need to perform my duties and responsibilities? 6. Am I following the procedures in place for safeguarding personal information on laptops, memory sticks, personal digital assistants (PDAs, e.g., BlackBerry devices), etc.? 7. Do I sometimes share passwords with others? If so, do I immediately change my password afterwards? PIM Videos

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.