Copyright 2001 Brett J. Trout Security Concerns with e-Commerce Bretttrout.com.

Presentation transcript:

Slide 1: Security Concerns with e-Commerce (Bretttrout.com)

Slide 2: Electronic Communications Privacy Act and Employers (ECPA)
- Enacted in 1986
- Amends Omnibus Crime Control Act

Slide 3: ECPA
- Prohibits interception of e-mail
- Prohibits access to stored e-mail
- Allows employers to monitor employees
- Applies to both
  - Accessing database
  - Capturing keystrokes

Slide 4: ECPA Title II
- Prohibits intentional access of an electronic communication service
- Relates to any stored electronic communication
  - Email
  - Fax
  - etc.

Slide 5: ECPA Title II Exceptions
- Provider of the service
  - AOL
  - Employer
  - Etc.
- Anyone with authorization
  - Express
  - Implied

Slide 6: ECPA Title III
- Prohibits intentional interception of any electronic communication
- Makes it a crime to capture email while en route

Slide 7: ECPA Title III Exceptions
- Employee consented
  - impliedly
  - expressly
    - employment agreement
    - email policy
- Employer interception must be in the ordinary course of business

Slide 8: ECPA Take Home
- Employer can
  - Monitor stored e-mail
  - Intercept e-mail
- Give employees express notice
  - employment agreement
  - email policy
- Monitor only in ordinary course of business
- Stop reading if e-mail is personal

Slide 9: Computer Fraud and Abuse Act
- Enacted in 1984 to stem computer crime
- Amended in 1996 (National Information Infrastructure Protection Act) to criminalize:
  - Threats to computer networks
  - Release of viruses or worms
  - Hacking
  - Hijacking
  - Destructive ecommerce activity

Slide 10: CFAA Makes it Illegal
- To knowingly access a computer without authorization
  - For fraudulent purposes
  - To access confidential information
  - To access financial information
  - To cause damage to a computer system

Slide 11: Economic Espionage Act
- Enacted in 1996
- 18 U.S.C. section 1831 et seq.
- Makes it illegal to take or receive trade secrets
- Enacted to curb economic and industrial espionage

Slide 12: EEA
- Civil Penalties
  - Injunction
  - Forfeiture of profits and instrumentalities to government
- Criminal Penalties
  - Injure or benefit - 10yr/250K/5M
  - Benefit foreign power - 15yr/500K/10M

Slide 13: Hacking
- According to PricewaterhouseCoopers, hacking cost United States companies $1.5 trillion in 2000
- World Trade Center insurable loss: $50 billion
- One year of hacking equals 30 Trade Center attacks.

Slide 14: Types of Hacking
- Denial of Service Attack
- Packet Sniffing
- Spoofing
- Keystroke Monitoring
- Viruses
- Cracking
- Exploiting Holes
- Diddling

Slide 15: Denial of Service Attack
- Any action to prevent server from functioning
- Usually enlists unsecure computers to bombard server with requests
  - Floods server
  - Prevents normal functioning
- Difficult to track down
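The flood pattern on this slide shows up in an ordinary web server access log as a burst of requests per source, so it can be detected by counting requests inside a sliding time window. The following Python is an added example, not part of the presentation: it runs over constructed log lines (timestamp, client IP, method, path) and flags both a single source that exceeds a per-IP limit and the distributed case the slide describes, where many enlisted machines each stay under the per-IP limit but together exceed what the server can absorb. The log format, window length and thresholds are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample access log (not from the presentation).
# Format assumed: ISO timestamp, client IP, method, path.
SAMPLE_LOG = """\
2001-11-05T10:00:00 203.0.113.7 GET /checkout
2001-11-05T10:00:01 198.51.100.4 GET /
2001-11-05T10:00:01 198.51.100.4 GET /
2001-11-05T10:00:02 198.51.100.4 GET /
2001-11-05T10:00:02 198.51.100.4 GET /
2001-11-05T10:00:03 198.51.100.4 GET /
2001-11-05T10:00:03 198.51.100.4 GET /
2001-11-05T10:00:04 203.0.113.7 GET /cart
2001-11-05T10:00:30 203.0.113.9 GET /
"""


def parse_log(log_text):
    """Turn log lines into (timestamp, ip) pairs, oldest first."""
    events = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, ip, _method, _path = line.split(maxsplit=3)
        events.append((datetime.fromisoformat(ts), ip))
    events.sort(key=lambda e: e[0])
    return events


def find_flood(log_text, window_seconds=10, per_ip_limit=5, server_capacity=20):
    """Sliding-window request counting over a parsed access log.

    Returns a dict with:
      per_ip_offenders     - sources that alone exceeded per_ip_limit in one window
      peak_window_requests - most requests seen in any window, all sources combined
      aggregate_flood      - True when the combined rate exceeded server_capacity
                             (the distributed case: no single source stands out)
    """
    per_ip = defaultdict(deque)
    overall = deque()
    offenders = set()
    peak = 0
    for ts, ip in parse_log(log_text):
        for q in (per_ip[ip], overall):
            q.append(ts)
            # drop timestamps that have fallen out of the window
            while (ts - q[0]).total_seconds() >= window_seconds:
                q.popleft()
        if len(per_ip[ip]) > per_ip_limit:
            offenders.add(ip)
        peak = max(peak, len(overall))
    return {
        "per_ip_offenders": offenders,
        "peak_window_requests": peak,
        "aggregate_flood": peak > server_capacity,
    }


def distributed_sample(hosts):
    """Construct a log in which `hosts` distinct enlisted machines each send one
    request in the same second: nobody trips the per-IP limit, yet the server
    is flooded. Addresses are made up (10.0.x.y)."""
    lines = [f"2001-11-05T10:05:00 10.0.{i // 256}.{i % 256} GET /"
             for i in range(1, hosts + 1)]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(find_flood(SAMPLE_LOG))
    print(find_flood(distributed_sample(25)))
```

The per-IP check catches the lone flooder; the aggregate check is what matters for the distributed attack, and it also shows why the slide calls the attack difficult to track down: the individual sources look unremarkable, so blocking any one of them changes nothing.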

Slide 16: Packet Sniffing
- Internet information travels in packets with header
- Sniffer software searches for packets containing these headers
- Used to audit and identify network packet traffic
- Can uncover passwords and/or usernames
- Easy to do
- Difficult to detect

Slide 17: Spoofing
- Pretending to be another user
- Includes
  - Deceptive sender information (spam)
  - Deceptive use of username and/or password

Slide 18: Keystroke Monitoring
- Inexpensive software
  - Installed on computer
  - Hardwired to computer
- Allows
  - Reconstruction of user's activity
  - Identification of usernames/passwords
- Illegal

Slide 19: Viruses
- Software that
  - Modifies other software
  - Replicates itself
  - Sends itself on to other computers
- Types
  - Replication
  - DOS
  - Data destruction

Slide 20: Virus Prevention
- Virus protection software
  - Only works if it is turned on
  - Constantly update
- Keep apprised of latest viruses
- Do not open attachments from unknown senders

Slide 21: Virus Prevention
- Do not open files with extensions:
  - .exe
  - .vbs
  - .pif
- Use Eudora, rather than Outlook
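The extension rule on this slide is simple to enforce automatically at a mail gateway or on the desktop, as long as the check is not naive. Here is an added Python example (not from the presentation) that applies the slide's three extensions while handling the cases that defeat a plain string comparison: upper-case extensions, double extensions such as invoice.pdf.exe that look like a document, and trailing dots or spaces, which Windows silently discards when opening a file. The attachment names are constructed.

```python
import os

# Extensions the slide says not to open.
BLOCKED_EXTENSIONS = {".exe", ".vbs", ".pif"}


def normalize_filename(name):
    """Canonicalise an attachment name the way the receiving OS will see it.

    Windows discards trailing spaces and dots, so "setup.exe ." is opened as
    setup.exe; extension matching is case-insensitive, so README.EXE is an
    executable too.
    """
    return name.strip().rstrip(" .").lower()


def is_blocked_attachment(name):
    """True when the name's final extension is on the blocked list.

    Only the last extension decides what the OS runs: "invoice.pdf.exe" is an
    executable that merely looks like a PDF (the double-extension trick).
    """
    _root, ext = os.path.splitext(normalize_filename(name))
    return ext in BLOCKED_EXTENSIONS


def filter_attachments(names):
    """Split attachment names into (allowed, blocked), preserving order."""
    allowed, blocked = [], []
    for name in names:
        (blocked if is_blocked_attachment(name) else allowed).append(name)
    return allowed, blocked


if __name__ == "__main__":
    # Constructed attachment names from a hypothetical message.
    print(filter_attachments(["report.doc", "invoice.pdf.exe", "README.EXE",
                              "setup.exe .", "notes.txt", "photo.jpg.vbs"]))
```

Normalising before matching is the whole point: a filter that compares the raw name against ".exe" passes every one of the constructed tricks above.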

Slide 22: Cracking
- Defeating copy-protection
- Determining passwords/usernames
- Typically illegal

Slide 23: Exploiting Security Holes
- Microsoft XP e-wallet
  - Unauthorized users could get credit card information
- Microsoft Outlook
  - Vulnerable to viruses
- Keep abreast of
  - New developments
  - Patches

Slide 24: Diddling
- Obtaining unauthorized access to
  - Modify
  - Delete
  - Set time bomb

Slide 25: Insurance
- Typically very expensive
- Very good exercise to identify and address problems

Slide 26: Insurance
- The number of companies who cited their Internet connection as a frequent point of attack has increased steadily from 47% in 1998 to 70% in 2001.
- Source: Marsh Advantage America, Leisa Fox, www.netsecuresite.com

Slide 27: Insurance
- 78% of companies acknowledged financial losses due to computer breaches
- 37% of companies are willing or able to quantify their financial losses
- The most serious financial losses occur through theft of proprietary information.
- Source: Marsh Advantage America, Leisa Fox, www.netsecuresite.com

Slide 28: Misconceptions
- I have staff in place who are keeping me safe
- I have a firewall, so I'm protected
- Our network is password protected, so I'm doing all I can.
- Our contracts transfer liability, so I have nothing to worry about
- My employees would never do anything to jeopardize my company's data

Slide 29: Risks
- Legal Risks
- Credibility Risks
- Security Risks
- Financial Risks
- Source: Marsh Advantage America, Leisa Fox, www.netsecuresite.com

Slide 30: Legal Risks
- Defense Costs - exaggerated because of the lack of current case law
- Inability to determine value of Intellectual Property
- Copyright/Trademark Infringement
- Libel/Slander & Defamation
- Plagiarism
- D&O suit for insufficient security measures
- Regulatory Costs

Slide 31: Security Risks
- Digital Terrorism
- Internal Crime
- External Crime
- Virus Attacks
- Source: Marsh Advantage America, Leisa Fox, www.netsecuresite.com

Slide 32: Credibility Risks
- Organizations that experience security breaches keep them quiet.
- A breach can do grave damage to a company's reputation.
- Source: Marsh Advantage America, Leisa Fox, www.netsecuresite.com

Slide 33: Financial Risks
- Prior risks translate into costs:
  - Business Income Loss
  - Reconstruction of lost data
  - Investor Relationships
  - Defense Costs
- Source: Marsh Advantage America, Leisa Fox, www.netsecuresite.com

Slide 34: Solutions
- Identify & Prioritize the risks
- Consider Technology Solutions
- Consider Process/Policy Solutions
- Transfer or Eliminate Risks that are too costly to retain
- Source: Marsh Advantage America, Leisa Fox, www.netsecuresite.com

Slide 35: Key People
- The Cs - CEOs, CFOs, CTOs, CSOs, CIOs
- Human Resources
- IT
- Marketing
- Legal Counsel
- Risk Manager/Insurance Agent
- Source: Marsh Advantage America, Leisa Fox, www.netsecuresite.com

Slide 36: Misconceptions
- I have coverage under my package policy
- I have an E&O Policy that covers it
- I have an EDP Policy
- Source: Marsh Advantage America, Leisa Fox, www.netsecuresite.com

Slide 37: Policies Cover
- Policies may include coverage for:
  - Virus Attacks
  - Data reconstruction
  - Business Income Loss
  - Disaster Recovery
  - Defense Costs, etc.
- Source: Marsh Advantage America, Leisa Fox, www.netsecuresite.com

Slide 38: Costs
- Pricing varies greatly based on exposures.
- Third party policies are vastly more affordable than First party policies.
- You can expect to pay anywhere from $7,500 to $100,000 for a Cyber Risk Policy.
- Source: Marsh Advantage America, Leisa Fox, www.netsecuresite.com

Slide 39: Internet Privacy
- "You have zero privacy anyway. Get over it." Scott McNealy, Sun Microsystems CEO, Wired News (March 11, 1999)

Slide 40: Internet Privacy Policy
- Components
  - Notice of Data Collection – How, What, Why
  - Choice – Partial or total opt out
  - Access to Data – Option to modify or delete
  - Security

Slide 41: Internet Privacy
- Privacy Policy
  - Develop one today
  - Follow it
- Designate IT privacy czar
- Audit your policy - regularly

Slide 42: Consumer Privacy Protection Act
- Pending legislation
- Mandates privacy collection procedures
- Private Right of Action
  - $50,000 statutory damages
  - Punitive damages
  - Attorney fees
- Something like this will become law

Slide 43: Cookies
- A computer science term
- An opaque piece of data held by an intermediary

Slide 44: What is a Cookie?
- HTTP header
- Text-only string
- Associated with your browser
- Unique identifier
- Cannot be used as a virus
- Cannot access your hard drive.
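To make the "HTTP header, text-only string" point on slides 43 and 44 concrete, here is an added Python example (not from the presentation) that parses a Set-Cookie response header and the Cookie request header a browser sends back, using the standard library's http.cookies module, and reports which protective attributes (Secure, HttpOnly) a session cookie lacks. The cookie names and values are constructed, and the expected-attribute list is an assumption about site policy rather than anything the slides state.

```python
from http.cookies import SimpleCookie

# Attributes a defender wants on a session cookie (assumption: the site's own
# policy; Secure and HttpOnly are standard cookie attributes).
EXPECTED_FLAGS = ("secure", "httponly")


def parse_set_cookie(header_value):
    """Parse one Set-Cookie header value into (name, value, attributes).

    The slide's point in code: a cookie is a text string carried in an HTTP
    header, nothing more. The value is opaque to the browser, which simply
    stores it and returns it to the site that set it.
    """
    jar = SimpleCookie()
    jar.load(header_value)
    (name, morsel), = jar.items()   # one Set-Cookie header carries one cookie
    # morsel holds every known attribute with "" as default; keep those set
    attrs = {key: val for key, val in morsel.items() if val}
    return name, morsel.value, attrs


def parse_cookie_request_header(header_value):
    """Parse the Cookie header the browser sends back: plain name=value pairs,
    no attributes, no code, and no access to anything on the client's disk."""
    jar = SimpleCookie()
    jar.load(header_value)
    return {name: morsel.value for name, morsel in jar.items()}


def audit_set_cookie(header_value):
    """Report which protective attributes a Set-Cookie header is missing."""
    name, value, attrs = parse_set_cookie(header_value)
    missing = [flag for flag in EXPECTED_FLAGS if not attrs.get(flag)]
    return {"name": name, "value": value, "missing": missing}


if __name__ == "__main__":
    # Constructed headers; the session id value is made up.
    print(parse_set_cookie("sid=7f3a9c; Path=/; Secure; HttpOnly"))
    print(parse_cookie_request_header("sid=7f3a9c; theme=dark"))
    print(audit_set_cookie("sid=7f3a9c; Path=/"))
```

The audit function is the practical half: because the identifier is all a server needs to treat a request as that user's session, the defender's concern with cookies is not that they run code (they cannot) but that the string is sent only over encrypted connections (Secure) and kept away from page scripts (HttpOnly).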

Slide 45: DoubleClick
- DoubleClick used cookies to aggregate user information
- Users sued
- SDNY Court held 3/28/2001
  - No violation

Slide 46: Children's Online Privacy Protection Act
- Requires the Federal Trade Commission to issue and enforce regulations which regulate the ability of Websites to collect personal information from children under the age of 13.

Slide 47: COPPA
- Passed into Law October 21, 1998
- Covers personal information collected after April 21, 2000
- COPPA applies to
  - Web sites and online services that are targeted to, or know they are collecting data from, children under 13.

Slide 48: COPPA Requirements
- Post a privacy policy
  - Conspicuous
  - What data you collect
  - What you do with it.
- Obtain verifiable consent from the child's parent
  - Before you collect any data.
- Importantly: change in policy requires new consent

Slide 49: COPPA Requirements
- Give option to revoke consent
- Allow parents to review data collected
- Ensure security and integrity of the data you collect.

Slide 50: Gramm-Leach-Bliley
- Subjects financial institutions to certain reporting and disclosure requirements intended to ensure the personal and financial privacy of customers

Slide 51: Financial Institution
- Lending, exchanging, transferring, investing for others, or safeguarding money or securities;
- Issuing or selling instruments representing interests in pools of assets which a bank can hold directly;
- Engaging in any activity … so closely related to banking or managing … as to be a proper incident thereto.

Slide 52: GLB Data Disclosure
- Opt out
  - Prohibits disclosure by financial institution, without allowing consumer to opt out.
- Third party disclosure
  - Allowed for the purpose of permitting third party to perform services for the financial institution.

Slide 53: GLB Data Disclosure
- Prohibits third party from disclosing nonpublic personal information
  - Unless disclosure would be lawful if made directly to such other person by the financial institution.
- Prohibits sharing of account number information for marketing purposes
- Different requirements for different levels of relationships.

Slide 54: Health Insurance Portability and Accountability Act
- Forces health providers and insurers to use technology in a more uniform, less proprietary manner

Slide 55: HIPAA Goals
- Standardization
- Security
- Privacy

Slide 56: Areas of Focus
- Technical Security Services
  - User authorization and authentication
  - Access control and encryption
- Administrative Procedures
  - Formal security planning
  - Record maintenance and audits
- Physical Safeguards
  - Security to building
  - Privacy for workstations handling patient information

Slide 57: HIPAA
- Can apply to both health care and non-health care entities
- Forces covered entities to uniformly transmit and receive certain data electronically
- Requires the use of standard identifiers (rather than proprietary codes) to identify health care providers, employers, health plans and patients

Slide 58: Employers
- Must have written policies and notify employees of HIPAA policies
- Must get consents to the release of certain information in certain circumstances
- Must give employees access to their medical records
- Must have contracts in place with providers to ensure that they safeguard information

Slide 59: Employers
- Identify stored health information and who has access to it
- Identify how the information is used and its flow
- Correlate all privacy policies
- Standardize all relevant third-party provider contracts

Slide 60: European Union Directive on Privacy
- Effective 25 October 1998
- Every EU member state must enact national law consistent with the Directive
- Many EU countries had privacy laws before the Directive

Slide 61: EU Directive
- World-wide standard
- Enforcement has begun in the U.S.

Slide 62: Compliance
- The Safe Harbor
- Specific contracts blessed by European Data Protection Authorities
- Exceptions or derogations to the Directive

Slide 63: Safe Harbor
- Seven privacy principles issued by US Department of Commerce on July 21, 2000 for personal data collection

Slide 64: Seven Provisions
- Notice
- Opt in
- Opt out
- Security
- Maintain Integrity of Data
- Procedure for Data Correction
- Data Transfer

Slide 65: Notice
- Clear Language
- Purpose of Collection
- Contact information for inquiries or complaints
- To whom you disclose information
- Options for limiting use and disclosure of the information.

Slide 66: Opt in/Opt out
- Opt out
  - Disclosed to third party
  - Used for new purpose
- Opt in
  - Sensitive information
    - Race, health, union membership, sexual preference
  - If disclosed to third party
  - If used for new purpose

Slide 67: Security
- Loss
- Misuse
- Unauthorized access
- Disclosure
- Alteration
- Destruction.

Slide 68: Maintain Integrity of Data
- Reliable for intended use
- Accurate
- Complete
- Current.

Slide 69: Procedures For Correction
- Correct, amend, or delete inaccurate information
- Not necessary where:
  - Burden much greater than potential harm
  - Would compromise confidential information of others

Slide 70: Data Transfer
- Must include
  - Notice Provisions
  - Choice Provisions
- Agent must
  - Subscribe to the foregoing principles; or
  - Enter into a written agreement requiring agent provide at least the same level of privacy protection as provider

Slide 71: Safe Harbor
- Access
  - Individuals must have access to their information
  - Ability to correct or remove inaccurate information
  - Disproportionate burden exception
- Enforcement
  - Mechanisms for investigating and resolving complaints
  - Procedures for verifying privacy statements
  - Obligation to remedy problems

Slide 72: EU Directive
- Enforcement by competitors
- Failure to comply could lead to cut-off in data and actions against European partners

Slide 73: Falling Under Safe Harbor
- Self-certification on DOC website
- Hard part - applying to business practices
- Financial services firms cannot join Safe Harbor unless under the FTC

Slide 74: EU Directive
- Over 40 countries now have substantial privacy laws
- Most either copy or comply with the EU Privacy Directive

Slide 75: EU Directive
- Compliance requirement is real
- Safe Harbor likely best but not only option
- Don't copy another company's privacy policy

Slide 76: What To Do
- Audit current privacy practice
- Develop EU Directive conforming policy
- Comport practice with policy
- Require Warranties & Indemnities from third parties using your data
- Encrypt data transmissions

Slide 77: Privacy Technology
- Establish Firewall
- Monitor Cookies – turn off as appropriate
- Run Virus Detection Software
- Anonymizer
- TRUSTe - will review your privacy policy
- Asymmetric cryptography
- Future technology
  - Platform For Privacy Preferences
    - Defines exactly the level of information disclosed

Slide 78: Additional Steps
- Security Policies
- Rotate passwords
- Monitor access and file transfer
- Implement network vulnerability study
- Implement a disaster recovery plan
- Limit modification of workstation
- Obtain insurance

Slide 79: Thank You

