Search

Showing total 79 results
Start Over Topic data security failures Region united states
79 results

2. Challenging the Carceral Imaginary in a Digital Age: Epistemic Asymmetries and the Right to Be Forgotten.

Author

Pitts, Andrea J.

Subjects
RIGHT to be forgotten, DATA protection, DATA privacy, RIGHT of privacy, DATA security failures, ONLINE databases, CRIMINAL records
Abstract

Copyright of International Journal of Political Philosophy / Las Torres de Lucca is the property of Revista Las Torres de Lucca. Facultad de Filosofia, Ciudad Universitaria and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published
2021
Full Text
View/download PDF

3. Data breaches and corporate liquidity management.

Author

Boasiako, Kwabena A. and Keefe, Michael O'Connor

Subjects
DATA security failures, INDUSTRIAL management, DISCLOSURE laws, DATA security insurance, FINANCIAL policy
Abstract

This paper investigates the effects of data breach disclosure laws and the subsequent disclosure of data breaches on the cash policies of corporations in the United States. Exploiting a series of natural experiments regarding staggered state‐level data breach disclosure laws, we find that the passage of mandatory disclosure laws leads to an increase in cash holdings. Our finding suggests that mandatory data breach disclosure laws increase the risks related to data breaches. Further, we find firms that suffer data breaches adjust their financial policies by holding more cash as well as decreasing external finance and investment. [ABSTRACT FROM AUTHOR]

Published
2021
Full Text
View/download PDF

4. The "Dirty Dozen" Tax Scams Plus 1.

Author

Thorne, Betty M. and Stryker, Judson P.

Subjects
TAX evasion, DATA security failures, IDENTITY theft, FINANCIAL institutions, SMALL business, BIG business, GOVERNMENT agencies
Abstract

Tax scams, data breaches, and identity fraud impact consumers, financial institutions, large and small businesses, government agencies, and nearly everyone in the twenty-first century. The Internal Revenue Service (IRS) annually issues its top 12 list of tax scams, known as the "dirty dozen tax scams." The number one tax scam on the IRS 2014 list is the serious crime of identity theft. The 2014 list also includes telephone scams, phishing, false promises of "free money," return preparer fraud, hiding income offshore, impersonation of charitable organizations, false income, expenses, or exemptions, frivolous arguments, false wage claims, abusive tax structures, misuse of trusts and identity theft. This paper discusses each of these scams and how taxpayers may be able to protect themselves from becoming a victim of tax fraud and other forms of identity fraud. An actual identity theft nightmare is included in this paper along with suggestions on how to recover from identity theft. [ABSTRACT FROM AUTHOR]

Published
2015

5. Securing the Human: Employee Security Vulnerability Risk in Organizational Settings.

Author

Sebescen, Nina and Vitak, Jessica

Subjects
DATA security failures, ASSOCIATIONS, institutions, etc., ANALYSIS of variance, DECISION making, MANAGEMENT, PROBABILITY theory, REGRESSION analysis, RISK management in business, SECURITY systems, SURVEYS, DATA security, PREVENTION
Abstract

As organizational security breaches increase, so too does the need to fully understand the human factors that lead to these breaches and take the necessary steps to minimize threats. The present study evaluates how three sets of employee characteristics (demographic, company-specific, and skills-based) predict an employee's likelihood of becoming a security breach victim. In order to move beyond traditional evaluations of security threats, which generally consider security threats individually, analyses in this paper approach security vulnerability from a more holistic approach to analyze four risk categories concurrently: phishing, passwords, bring your own device (BYOD), and company-supplied laptops. Findings from a survey of 250 employees at a medium-sized American information technology (IT) consulting firm identify higher-risk employees across the four risk areas and provide new insights into the challenges organizations face when trying to ensure the protection of company data. [ABSTRACT FROM AUTHOR]

Published
2017
Full Text
View/download PDF

7. GIVING THE CYBERSECURITY MATURITY MODEL CERTIFICATION TEETH: ENSURING COMPLIANCE IN CONTRACTOR SELF-CERTIFICATIONS.

Author

HOESMAN, THOMAS J.

Subjects
INTERNET security, DATA security, CONTRACTORS, DATA security failures
Abstract

The article discusses the updated version of the Cybersecurity Maturity Model Certification (CMMC) framework released by the U.S. Department of Defense wherein contractors will self-certify that they have met cybersecurity requirements designed to keep their information systems secure. Topics include an overview of the history of contractor cyber networks and systems, the circumstances leading up to the CMMC and the current state of the CMMC framework, and the risks associated with the system.

Published
2023

8. US Hospitals Prone to Cyberattacks Like One That Impacted Patient Care at Ascension, Experts Say.

Author

Pradhan, Rachana and Public:, Michigan

Subjects
DATA security, HOSPITAL information systems, DATA security failures, PATIENT care, WORKFLOW, ELECTRONIC health records, HEALTH care industry, FRAUD
Abstract

The article focuses on the impact of a ransomware cyberattack on Ascension, highlighting how it disrupted patient care systems across its nationwide network, leading to medication errors, delayed lab results, and safety procedure lapses. Topics include the firsthand accounts of healthcare professionals affected by the attack, emphasizing their struggles with compromised electronic health records and the significant operational challenges faced during the aftermath.

Published
2024

9. State Courts and the Transformation to Virtual Courts.

Author

ARESTY, JEFF, RAINEY, DANIEL, CORMIE, JAMES, and Podevin, J.F.

Subjects
STATE court websites, CIVIL procedure, CRIMINAL procedure, INFORMATION & communication technologies, DATA security failures, ELECTRONIC discovery (Law), PREVENTION
Abstract

The article advocates that state courts in the U.S. are adopting technology in order to ameliorate their paper-based and face-to-face systems by shifting the paradigm to virtual courts in context to civil and criminal proceedings. It also sheds light on many ways by which information and communication technology (ICT) can affect a law. It informs that implementation of technology can help in managing cases remotely, preventing data security failures, and governing electronic discovery.

Published
2013

10. Information Security in Libraries: Examining the Effects of Knowledge Transfer.

Author

San Nicolas-Rocca, Tonia and Burkhard, Richard J.

Subjects
DATA security failures, LIBRARIES, MATHEMATICAL models, MEDICAL ethics, MOTIVATION (Psychology), PERSONNEL records, PRIVACY, RISK management in business, THEORY, ACCESS to information, DATA security, STANDARDS, PREVENTION
Abstract

Libraries in the United States handle sensitive patron information, including personally identifiable information and circulation records. With libraries providing services to millions of patrons across the U.S., it is important that they understand the importance of patron privacy and how to protect it. This study investigates how knowledge transferred within an online cybersecurity education affects library employee information security practices. The results of this study suggest that knowledge transfer does have a positive effect on library employee information security and risk management practices. [ABSTRACT FROM AUTHOR]

Published
2019
Full Text
View/download PDF

11. التأثري السيرباني يف األمن القومي للدول الفاعلة (الواليات املتحدة األمريكية) امنوذج.

Author

اسراء شريف الكعو

Subjects
INFORMATION technology security, INTERNET security, CYBERTERRORISM, CYBERSPACE, NATIONAL security, COMPUTERS, DATA security failures
Abstract

Copyright of Journal of Political Sciences is the property of Republic of Iraq Ministry of Higher Education & Scientific Research (MOHESR) and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published
2022
Full Text
View/download PDF

12. Temporal Trends and Characteristics of Reportable Health Data Breaches, 2010-2017.

Author

McCoy, Thomas H., Perlis, Roy H., and McCoy, Thomas H Jr

Subjects
MEDICAL records, DATA security failures, ELECTRONIC health records, DATA protection, HEALTH Insurance Portability & Accountability Act, SECURITY systems, HEALTH insurance statistics, MEDICAL ethics, MEDICAL informatics, MEDICAL personnel, PRIVACY, PUBLIC health laws, RESEARCH funding, DATA security
Abstract

This study uses public data to examine the nature and extent of health data confidentiality breaches from 2010 through 2017 [ABSTRACT FROM AUTHOR]

Published
2018
Full Text
View/download PDF

13. Which Nationals Use Sci-Hub Mostly?

Author

Wan, Shu

Subjects
MEDICAL databases, INTERNET protocols, DATA security failures, DEVELOPED countries, ACADEMIC libraries, INTERNET searching, SERIAL publications, COPYRIGHT, FULL-text databases, ACCESS to information, SEARCH engines, OPEN access publishing, WORLD Wide Web
Abstract

In the last decade, Sci-Hub has become prevalent among academic information users across the world. Providing thousands of users with millions of uncopyrighted electronic academic resources, this information pirate website has become a significant threat to copyrights in cyberspace. Information scholars have examined the unequal distribution of IP addresses of Sci-Hub users' nationality and emphasized the high proportion taken by users from the developed countries. This study finds new evidence from Google Scholar. Searching "Sci-Hub.tw" in the academic search engine, the author finds 531 results containing the keyword. Considering the result, the author argues that academic users in South American countries may use Sci-Hub more frequently than their counterparts in the rest of the world. Moreover, users in the Global North also rely on Sci-Hub to complete their research as well. The new evidence on Google Scholar proves the universal use of Sci-Hub across the world. [ABSTRACT FROM AUTHOR]

Published
2022
Full Text
View/download PDF

14. Experts advise new tactics to fight data breaches.

Author

Tashea, Jason

Subjects
DATA security failures, LAW firms, LAWYERS, INTERNET security, SPECIALISTS, RANSOMWARE, SECURITY systems, ATTITUDE (Psychology), POLITICAL attitudes, PREVENTION
Abstract

The article discusses several legal and cybersecurity experts such as Jonathan Stribling-Uss, Luke Dembosky, and Jake Frazier who have proposed various tactics that lawyers and law firms in places such as the U.S. can utilize to combat and prevent additional data security breaches. The Panama Papers document leak is examined, along with ransomware attacks and ideologically motivated computer hacks. Data security measures involving digital fingerprints are also assessed.

Published
2016

15. Classified Information in the Public Sphere.

Author

Clark, Robert

Subjects
*LEAKS (Disclosure of information), *DATA security failures, *ESPIONAGE laws, *ACCESS control for government information, *LAW
Abstract

This paper examines some of the legal issues involved in the recent leaks of classified government documents by NSA contractor Edward Snowden and the publication of those leaks in The Guardian. It is intended for an audience of librarians and other information professionals who wish to learn more about the law surrounding government leaks. The story of the leaks to date--how Snowden acquired the documents, how they came to be published, and the public aftermath--is briefly sketched. This is followed by an examination of the theft and espionage charges against Snowden, a look at precedents for using the Espionage Act to prosecute leakers, and an analysis of the government's present case. A similar analysis is given for the possible charges against Greenwald, which are deemed highly unlikely to be pursued. [ABSTRACT FROM AUTHOR]

Published
2013

16. Information Security Control Theory: Achieving a Sustainable Reconciliation Between Sharing and Protecting the Privacy of Information.

Author

Anderson, Chad, Baskerville, Richard L., and Kaul, Mala

Subjects
DATA security failures, INFORMATION technology security, DATA protection, INFORMATION resources management, INFORMATION sharing, LAW enforcement, SECURITY management, HEALTH care industry
Abstract

Contemporary organizations operate in highly interconnected environments where they are frequently confronted by the challenge of balancing the protection of information resources with the need for sharing information. This tension between the expected benefits and the potential security risks inherent in the information sharing process, exists in many domains, including business, health care, law enforcement, and military—yet it is not well-understood. We propose an information security control theory to explain and manage this tension. We evaluate this theory through a longitudinal case study of the iterative development of the information security policies for a health information exchange in the western United States. Our study shows that the theory offers a good framework through which to understand the information security policy development process, and a way to reconcile the tension between information sharing and information protection. The theory has practical applicability to many business domains. [ABSTRACT FROM PUBLISHER]

Published
2017
Full Text
View/download PDF

17. The UK's faster payment project: avoiding a bonanza for cybercrime fraudsters.

Author

Fisher, Jonathan

Subjects
COMPUTER crimes, CHECKS -- Law & legislation, DATA security failures, COMPARATIVE studies, BIOMETRY, CHECK fraud, BANK fraud, CHECKS, SECURITY systems
Abstract

The article presents a research which considers the increased exposure to cyber crime which would result if one-day cheque clearance were introduced in the United Kingdom. It reports that the study used a comparative analysis of the UK and the United States cheque-clearance systems, and examines the enhanced vulnerability to fraud occasioned by a one-day cheque clearance systems. It also considers the resulting evidential difficulties encountered in US cheque fraud prosecutions and explores the possibility of biometric fingerprint authorization as a prevention strategy. It concludes that the introduction of one-day cheque clearance in the US came with an increase in cyber-crime banking fraud which would likely occur in the UK if one-day cheque clearance were to be introduced.

Published
2008
Full Text
View/download PDF

19. PROTECTING PERSONAL INFORMATION: A Guide for Businesses.

Subjects
DATA protection, DATA security, INFORMATION resources management, DATA security failures
Abstract

The article presents a guide for businesses on common-sense steps to protect customers, employees and the business itself from data breach. It is stated that the guide is a joint project between the Nebraska Department of Justice and the U.S. Federal Trade Commission. It notes the key principles of a sound data security plan, which include proper information identification, storage, protection, disposal and planning. Details on these principles are also included.

Published
2008

20. How Inequality Distorts Economics.

Author

Block, Fred

Subjects
WEALTH, GREAT Recession, 2008-2013, TAX cuts, HOUSEHOLDS, CORPORATE profits, DATA security failures
Abstract

The article focuses on the economic consequences of growing wealth inequality. Topics include U.S. government data shows that through the Great Recession, personal saving in the U.S. had been trending steadily downward and this downturn was often cited to justify tax cuts for high-income households, U.S.-based firms have a strong incentive to credit as much of their overseas profits as possible to subsidiaries in places with low rates of taxation on corporate profits, and leak of data from the U.S. Treasury's Financial Crimes Enforcement Network documents the enormous scale of illicit transactions.

Published
2021
Full Text
View/download PDF

22. MORE THAN A SUSPECT: An Investigation into the Connection Between Data Breaches, Identity Theft, and Data Breach Notification Laws.

Author

Bisogni, Fabio and Asghari, Hadi

Subjects
DATA security failures, IDENTITY theft, DATA modeling, ATTORNEYS general, LEARNING communities
Abstract

This article investigates the relationship between data breaches and identity theft, including the impact of Data Breach Notification Laws (DBNL) on these incidents (using empirical data and Bayesian modeling). We collected incident data on breaches and identity thefts over a 13-year timespan (2005–2017) in the United States. Our analysis shows that the correlation is driven by the size of a state. Enacting a DBNL still slightly reduces rates of identity theft; while publishing breaches notifications by Attorney Generals helps the broader security community learning about them. We conclude with an in-depth discussion on what the European Union can learn from the US experience. [ABSTRACT FROM AUTHOR]

Published
2020
Full Text
View/download PDF

23. Bidding Farewell to Privacy?: Protecting Our Secrets from the Impact of Data Aggregator Security Breaches.

Author

Rebovich, Donald

Subjects
RIGHT of privacy, DATA security failures, INTERNET, IDENTITY theft
Abstract

Bidding Farewell to Privacy? : Protecting Our Secrets from the Impact of Data Aggregator Security Breaches Abstract: For decades, data aggregator firms, like ChoicePoint, LexisNexis, Westlaw, and Equifax, have been collecting financial and personal data on American citizens. Due to the combined forces of the rise of the Internet and industry consolidation, data aggregators can combine their databases with the Government databases of crime statistics, licenses and voter records to bring all this information together in one place. Used properly, this information can serve to protect national security and thwart terrorism. Used improperly, it can cause great harm to innocent citizens.In 2005, several data aggregator companies experienced breaches of security that became public and called into question the effective protection of this sensitive information. The most notable of these breaches was a victimization of ChoicePoint that involved the illegal extraction of data on 145,000 people by a Nigerian fraudster posing as several small business owners. This important security breach and fraud, and similar incidents that followed, served to focus public attention on personal privacy, identity fraud and the role of data aggregators in the U.S. Extensive coverage by the media helped fuel a national debate on privacy and security in the new national landscape of information sharing. The goal of this paper is to discuss the trend toward increased information compiling by large data aggregating companies, inherent threats to the security of this information, individual privacy and what role our government plays in information sharing and protection. The role of media and its level of fairness in coverage will also be discussed. Perspectives are provided through interviews with representatives of international data aggregators victimized by security breaches. ..PAT.-Unpublished Manuscript [ABSTRACT FROM AUTHOR]

Published
2007

24. How persuasive is phishing email? The role of authentic design, influence and current events in email judgements.

Author

Williams, Emma J. and Polage, Danielle

Subjects
ANALYSIS of variance, COLLEGE students, CRIME, JUDGMENT (Psychology), RESEARCH methodology, PERSUASION (Rhetoric), QUESTIONNAIRES, REINFORCEMENT (Psychology), SELF-evaluation, STATISTICS, EMAIL, DATA analysis, ACCESS to information, DATA security, DATA security failures, CONTENT mining, DESCRIPTIVE statistics, FRAUD, LAW
Abstract

Fraudulent emails, otherwise known as phishing emails, use a range of influence techniques to persuade individuals to respond, such as promising a monetary reward or invoking a sense of urgency. The current study explored a number of factors that may impact the persuasiveness and trustworthiness of emails by examining participant judgements of 20 pre-designed emails that varied according to (a) whether they used loss or reward-based influence techniques, (b) whether they contained particular authentic design cues, (c) whether they referenced a salient current event (the Rio Olympics), and (d) whether participants had been previously exposed to information regarding online scams in general. Results suggest that the presence of authentic design cues and the type of influence technique used significantly impacted participant judgements. Findings are discussed in relation to theoretical models of phishing susceptibility. [ABSTRACT FROM AUTHOR]

Published
2019
Full Text
View/download PDF

25. THE INTERPLAY BETWEEN INVESTMENT LAW AND THE DUTY OF NON-RECOGNITION IN SITUATIONS OF CONTESTED SOVEREIGNTY.

Author

FACCIO, SONDRA

Subjects
INTERNATIONAL arbitration, FOOD sovereignty, INVESTMENT laws, CUSTOMARY international law, DATA security failures, TREATIES, SOVEREIGNTY, FOREIGN investments
Abstract

The protection of foreign investments located in contested territories is both pivotal and uncertain. It is pivotal as the promotion and protection of investments represent important tools to sustain and encourage economic development. In this regard, not only States, but also de facto entities have proven to be very sensitive towards the issue, up to the point that some among them have decided to implement ad hoc domestic laws with the aim of protecting and thus attracting investments and related capacity development from abroad. The protection of foreign investments in situations of contested sovereignty is also uncertain: questions of non-recognition of de facto entities as States and non-recognition of unlawful situations brought about by serious breaches of international law may significantly impact upon home States' scope of manoeuvre in protecting investors located abroad and on the capacity of the investor itself to implement those instruments provided for by either international law or domestic law to protect its economic interests. In light of the above, the article aims to investigate whether and to what extent international investment agreements and customary international investment law apply to protect investors in cases of contested sovereignty and whether and to what extent the interplay with the duty of non-recognition limits the protection granted to investors. The article will further investigate whether investors can take advantage of domestic laws on investments enacted by the occupying State or de facto entities in order to protect their investments located in territories subject to contested sovereignty and the limits that investors may encounter at the enforcement stage deriving from the application of the duty of non-recognition. [ABSTRACT FROM AUTHOR]

Published
2019
Full Text
View/download PDF

26. Privacy Perils.

Author

Gomes, Lee

Subjects
RIGHT of privacy, DATA security, DATA security failures, MEDICAL research
Abstract

The article discusses drawbacks to laws in the U.S. meant to safeguard the privacy of personal data. Even trivial privacy breaches can trigger expensive disclosures, too many of which may desensitize consumers to the importance of privacy. More importantly, vital medical research has been delayed or terminated due to difficulties in complying with privacy laws.

Published
2009

27. Analysis of Industry-Specific Concentration of CPOs in Fortune 500 Companies.

Author

Shalhoub, Zeinab Karake

Subjects
RIGHT of privacy, FORTUNE 500 companies, COMPUTER security, DATA protection, DATA security failures
Abstract

The article discusses the efforts of firms to ensure the privacy rights of their customers and employees, examining the concentration of chief privacy officers (CPOs) in the U.S. Fortune 500 companies. The position of CPO is relatively new, the article indicates, as the first CPO was hired in 1999. Topics include the awareness of the general public concerning rights to privacy, the loss of personally identifiable information (PII) by large companies such as Bank of America and ChoicePoint, and the application of new technologies to ensure privacy compliance.

Published
2009
Full Text
View/download PDF

28. AML deadline is Wells’ next concern; Is Zelle a target?

Author

Yacik, George

Subjects
BANKING industry, FINES (Penalties), DATA security failures, CORPORATE profits
Abstract

This section offers news briefs on the banking industry as of April 24, 2018. Wells Fargo has agreed to a 1 billion U.S. dollars settlement with the U.S. Consumer Financial Protection Bureau and the Office of the Comptroller of the Currency. SunTrust has revealed that its forme employees may have stolen information on about 1.5 million of its customers. A 19% increase in 2018 first quarter profits was reported by UBS.

Published
2018

29. The Struggle to Define Privacy Rights and Liabilities in a Digital World and the Unfortunate Role of Constitutional Standing.

Author

OLANO, JUAN

Subjects
RIGHT of privacy, DATA security laws, CLAPPER v. Amnesty International USA, SPOKEO Inc. v. Robins, CYBERTERRORISM, PERSONALLY identifiable information, DATA security failures
Abstract

Today�s world runs on data. The creation and improvement of technological products and services depend on the exchange of data between people and companies. As people�s lives become more digitized, companies can collect, store, and analyze more data, and in turn, create better technology. But, because consumer data can be very sensitive (think Social Security numbers, GPS location, fingerprint recognition, etc.) this cyclical exchange comes with serious privacy risks; especially in light of more frequent and sophisticated cyberattacks. This creates a face-off between technological growth and privacy rights. While it makes sense that people should be willing to subside some of their privacy in exchange for technological enhancements to things like communication, health, and entertainment, companies should also be doing their best to prevent and respond to cyberattacks. This Note highlights the urgency created by the combination of the digitization of consumer lives, sophisticated hackers, and inadequate data privacy laws. It explains that, because Congress is yet to legislate and the Supreme Court�s findings in Clapper v. Amnesty International USA and Spokeo, Inc. v. Robin created federal circuit splits, data privacy laws are either non-existent or muddled. As a result, it is increasingly difficult for companies or consumers to know their rights, responsibilities, and liabilities in this sphere. Moreover, this Note calls for Congress to establish federal compliance measures with respect to corporate use of consumer data and handling of cyberattacks. However, this Note argues that Congress will continue to remain silent and, therefore, the Supreme Court, by revisiting the constitutional standing issues presented in Clapper and Spokeo, can be the one�for now�to provide much needed guidance with respect to data privacy. [ABSTRACT FROM AUTHOR]

Published
2018

30. Are You Hip to HIPAA? Here's a refresher course.

Author

Gilliard, Kate W.

Subjects
COMPLIANCE laws, RIGHT of privacy, PROFESSIONS -- Law & legislation, MEDICAL ethics laws, PROFESSIONS, MEDICAL ethics, PRIVACY, BUSINESS, CONTRACTS, HEALTH policy, MEDICAL protocols, MEDICINE information services, PHYSICAL therapists, PHYSICAL therapy assistants, HEALTH Insurance Portability & Accountability Act, DATA security, DATA security failures, HEALTH information services
Abstract

The article discusses news and information related to the Health Insurance Portability and Accountability Act, or HIPAA. HIPAA requires that covered entities comply with rules concerning the protection of patients' health information. It regulates relationships between business associates and covered entities. HIPAA defines protected health information as individually identifiable health information.

Published
2019

31. DOJ probes Equifax; China bitcoin ban broadens.

Author

Yacik, George

Subjects
BANKING industry, FINANCIAL services industry, DATA security failures, DIGITAL currency, BITCOIN
Abstract

This section offers news briefs relating to the U.S. banking and finance industry as of September 20, 2017. The U.S. Department of Justice (DOJ) and Federal Bureau of Investigation (FBI) launched an investigation into the reported data breach in Equifax. China is planning a broad clampdown on the buying and selling of the digital currency called bitcoin. The National Collegiate Student Loan Trusts is set to pay penalties to the Consumer Financial Protection Bureau after reaching a settlement.

Published
2017

32. Birds of a feather: intra-industry spillover of the Target customer data breach and the shielding role of IT, marketing, and CSR.

Author

Kashmiri, Saim, Nicol, Cameron, and Hsu, Liwu

Subjects
DATA security failures, SOCIAL contagion, RETAIL industry, SOCIAL responsibility of business, CHIEF information officers, CHIEF marketing officers
Abstract

The authors develop a conceptual framework for conditions under which news of a major customer data breach at a U.S. retail firm is likely to decrease other U.S. retailers' shareholder value. Using the massive data breach at Target Corporation as their empirical context, and an event study of 168 publicly listed U.S. retailers as their methodology, the authors find considerable support for their framework. Results indicate that the Target data breach resulted in negative abnormal returns for other U.S. retailers, and that the strength of this contagion effect was moderated by factors related to retailers' (a) size and product market similarity with Target, (b) governance-related tie-strength with Target, (c) information technology-related ability to prevent a similar breach, (d) marketing ability to respond effectively in the aftermath of a similar breach, and (e) corporate social responsibility. The authors show that although a major retail data breach may result in an intra-industry spillover, managers can use factors related to information technology, marketing, and corporate social responsibility to help insulate their firms from this contagion effect. [ABSTRACT FROM AUTHOR]

Published
2017
Full Text
View/download PDF

34. Prepare for and plan against a cyberattack.

Author

Bandler, John

Subjects
CYBERTERRORISM, PREPAREDNESS, LAW firms, DATA security failures, LAWYERS, EMAIL privacy, CLOUD computing security measures, ATTORNEY & client, SECURITY systems, PREVENTION
Abstract

The article provides advice for U.S. lawyers and law firms on how to prepare for and prevent cyberattacks, and it mentions data breaches involving email accounts, computers, and confidential client information. The U.S. National Institute of Standards and Technology's pre-cyber crime computer security plan is examined, along with risk assessment, the detection of a data security breach, and periodic reviews of security and privacy settings for cloud computing accounts.

Published
2018

36. Congress Debates Data Breach Legislation.

Author

Pike, George H.

Subjects
DATA security failures, DATA protection laws, U.S. states
Abstract

This article focuses on the issue of data breaches and the mixed legal response to it in the U.S. The common methods for breaching data records include the loss or theft of laptop computers, inadvertent release of records, and improper disposal of electronic or paper records. It notes that notification laws have been passed by 45 states as primary legislative responses to data breaches. A national data breach law that would be applicable to all states is being considered by Congress. Particular focus is given to the potential benefits of the law.

Published
2009

37. Too Much or Too Little? How Much Control Should Patients Have Over EHR Data?

Author

Bhuyan, Soumitra, Bailey-DeLeeuw, Sandra, Wyant, David, and Chang, Cyril

Subjects
ELECTRONIC health records, MEDICAL ethics, MEDICAL record access control, LEGAL status of patients, PRIVACY, PATIENTS' rights, ACCESS to information, DATA security, DATA security failures
Abstract

Electronic health records (EHRs) have been promoted as a mechanism to overcome the fragmented healthcare system in the United States. The challenge that is being discussed is the rights of the patient to control the access to their EHRs' data and the needs of healthcare professionals to know health data to make the best treatment decisions for their patients. The Federal Trade Commission has asked those who store consumer information to comply with the Fair Information Practice Principles. In the EHR context, these principles give the rights to the patient to control who can see their health data and what components of the data are restricted from view. Control is not limited to patients, as it also includes parents of adolescent children. We suggest that the ongoing policy discussion include consideration of the precise questions patients will be asked when a need for data sharing arises. Further, patients should understand the relative risks that they face, and the degree to which their decisions will (or will not) significantly reduce the risk of a data breach. As various approaches are considered, it is important to address the relative resource requirements and the associated costs of each option. [ABSTRACT FROM AUTHOR]

Published
2016
Full Text
View/download PDF

38. Roger R. Schell on Trusted Computer Systems.

Author

RANUM, MARCUS J.

Subjects
COMPUTER operating system security measures, COMPUTER security, DATA security failures, GOVERNMENT policy, PREVENTION
Abstract

An interview with Roger R. Schell, one of the authors of the U.S. Department of Defense Trusted Computer System Evaluation Criteria (TCSEC), known as the Orange Book, is presented. He talks about decline in security of computing in terms of trustworthiness; the U.S. trend of putting backdoors in all kinds of systems; and concerns about trusted software distribution and controlling releases. He discusses whether the code mass necessary to produce a secure operating system.

Published
2017

39. Authorized Investigation: A Temperate Alternative to Cyber Insecurity.

Author

Bruner, Casey M.

Subjects
DATA protection laws, DATA security failures, DATA security laws, ACCESS to information, SECURITY management, PREVENTION
Abstract

The article discusses the importance of authorized investigation allow for increased security regarding internet. Topics discussed include legal structures created to protect the data over internet; inception of the internet and the legal framework; and need of methods of stopping and deterring cyber attacks.

Published
2015

40. SOVEREIGN DEFAULT AND LITIGATION: NML CAPITAL V. ARGENTINA.

Author

MAURO, MARIA ROSARIA

Subjects
DEBT relief, GOVERNMENT liability (International law), LEGAL judgments, APPELLATE courts, PETITIONS, DISTRESSED securities, DATA security failures, ARCHAEOLOGICAL excavations
Abstract

In recent times private creditors have increasingly begun to resort to litigation against States in case of sovereign debt default. One of the most complex recent cases concerns the legal proceedings brought against Argentina by NML Capital Limited before the courts of the United States (US). The plaintiffs are primarily "vulture funds", seeking profit by buying heavily discounted distressed debt, that have rejected the restructuring terms accepted by the majority of Argentina's creditors. There are two main questions at the heart of the present dispute: sovereign immunity and the alleged breach of the US Foreign Sovereign Immunities Act (FSIA), and the interpretation of the pari passu clause. The US Supreme Court held that the FSIA does not limit the scope of discovery against foreign sovereign assets and rejected Argentina's petition for certiorari to review the Second Circuit decision upholding the injunction orders that required Argentina to pay NML Capital and the other plaintiffs whenever it pays the holders of its restructured debt. This comment assesses the approach of the US courts in relation to discovery and their interpretation of the pari passu provision. In particular, it argues that the outcome of this legal battle threatens future sovereign debt restructurings and confirms the gravity of the lack of a binding central restructuring mechanism. [ABSTRACT FROM AUTHOR]

Published
2015
Full Text
View/download PDF

41. Why the Payment System Is Suddenly a Hot Topic in D.C.

Author

Adler, Joe

Subjects
PAYMENT systems, CONGRESSIONAL hearings (U.S.), DATA security failures, INTERNET security, FINANCIAL services industry, ELECTRONIC funds transfer security, BITCOIN, GOVERNMENT policy
Abstract

The article notes that the payments system, financial services policy, and data security breaches are being discussed at U.S. congressional hearings in February 2014 and also notes the perspective of industry observers on cybersecurity, electronic payments, and Bitcoins digital money. The remarks of L. Cary Whaley, Douglas Kantor, Jason Oxman, John Ryan, Sarah Jane Hughes, B. Dan Berger, and Jonathan Cedarbaum are noted.

Published
2014

42. Moving Towards Trusted Identities.

Subjects
COMPUTER security, CYBERSPACE, PRIVATE sector, PRIVACY, DATA security failures
Abstract

The article focuses on the National Strategy for Trusted Identities in Cyberspace (NSTIC) of the administration of U.S. President Barack Obama aimed to alleviate issues in online security in partnership with private sector entities. The strategy raised concerns about privacy and data theft. The paper "NSTIC's Effect on Privacy" from Identity Finder considers the program analogous to the Social Security system and it calls for a federal regulation that would restrict access to NSTIC information.

Published
2011

43. HEALTH HACKERS: QUESTIONING THE SUFFICIENCY OF REMEDIES WHEN MEDICAL INFORMATION IS COMPROMISED.

Author

Mulligan, Janice and VonderHaar, Mark

Subjects
COUNTERTERRORISM, CYBERTERRORISM, INFORMATION storage & retrieval systems, HEALTH facilities, COMPUTER hacking, ELECTRONIC health records, DATA security failures, MEDICAL centers
Abstract

The article discusses threat of cyber hackers to health institutions' medical information systems and presents challenges on the safeguard as well as further damage avoidance of compromised health information. Topics include reference to cyber extortion plot by hackers with the health information system of Hollywood Presbyterian Medical Center in Southern California, medical records hacking with ransom demand in bitcoins as well as computer system virus infection at MedStar Health.

Published
2016

44. Taking on TJX.

Author

Wolfe, Daniel

Subjects
COMPUTER crimes, DATA security failures, ACTIONS & defenses (Law)
Abstract

The article discusses a legal case brought against TJX Cos. Inc., indicating that when 11 indictments were unveiled in August 2008 against people involved the case, new names were brought to public attention. Topics include the alleged ringleader, Albert Gonzalez, who the article indicates was behind the theft of personal data, and the work done by the U.S. Secret Service to investigate the case.

Published
2008

45. CYBERARMIES RISING?

Author

Sustar, Lee

Subjects
CYBERTERRORISM, CYBERSPACE operations (Military science), INFORMATION warfare, COMPUTER crimes, ESPIONAGE, DATA security failures
Abstract

The article examines the boundaries between espionage and acts of war in the virtual world. Topics discussed include the circumstances when cyberespionage crosses the line into cyberwar, the data breach at the U.S. Office of Personnel Management (OPM), and the need for the U.S. government to develop clear policies on cyberattacks.

Published
2015

46. Perceived Legal Barriers to Information Sharing.

Author

Weiss, N. Eric

Subjects
INFORMATION sharing, INTERNET security, RIGHT of privacy, ANTITRUST law, DATA security failures
Abstract

The article discusses the perceived legal barriers to cybersecurity information sharing in the U.S. Topics covered include the reluctance of firms to share information for fear of violating privacy or antitrust laws, the benefits and considerations in sharing information about cybersecurity attacks and defenses, and the role of consultants and insurance companies in information sharing following a data breach.

Published
2015

47. PLUGGING PORT HOLES.

Author

Szakonyi, Mark

Subjects
HARBORS, INTERNET security, COMPUTER security, DATA security failures
Abstract

The article discusses the lead role the U.S. Coast Guard is taking in dealing with cybersecurity risks that are described as becoming more sophisticated and dangerous for ports and their users. It also details the five core functions contained in the National Institutes of Standards and Technology's "Framework for Improving Critical Infrastructure Cybersecurity," released in 2013, in guarding against and responding to a breach including identification, protection, and detection.

Published
2015

48. THE ACQUISITION SUPPLY CHAIN AND THE SECURITY OF GOVERNMENT INFORMATION TECHNOLOGY PURCHASES.

Author

Morrison, Michael Ian

Subjects
INFORMATION technology, COUNTERTERRORISM, CYBERTERRORISM, CYBERTERRORISM policy, COMPUTER security, DATA security failures, COMPUTER networks
Abstract

In this article, the author offers information related to information technology threats and cyber attack on the U.S. and different policies and regulations of the country for prevention of these threats. He further discusses the Cybersecurity Act of 2012 and the Cybersecurity Executive Order for supply chain cyber security. He also discusses the Federal Acquisition Requirements (FAR) Part 39, which is related to purchase of information technology.

Published
2013

49. REGULATING INFORMATION SECURITY IN THE GOVERNMENT CONTRACTING INDUSTRY: WILL THE RISING TIDE LIFT ALL THE BOATS?

Author

BANCROFT, KEIR X.

Subjects
DISCLOSURE laws, PUBLIC contracts, LEGAL status of government contractors, INTERNET security laws, UNITED States. Paperwork Reduction Act of 1995, DATA security failures, COMPUTER security laws
Abstract

The article discusses the regulation of information security in the government contracting industry as of June 2013, focusing on the U.S. government's attempts to strengthen its regulations and laws in the wake of increasing cybersecurity risks. Several statutes are addressed, including the U.S. Paperwork Reduction Act and the nation's Computer Security Act of 1987. Data security breaches and controlled unclassified information (CUI) are mentioned, along with U.S. Department of Defense and the nation's Federal Information Security Management Act of 2002 (FISMA).

Published
2013

50. Could a malpractice insurer drop you when you need it most?

Author

Latner, Ann W.

Subjects
HEALTH policy, INSURANCE companies, DATA security failures, BANKRUPTCY, LIABILITY insurance, HEALTH Insurance Portability & Accountability Act, MEDICAL errors, HEALTH insurance reimbursement, MALPRACTICE, MEDICAL records, COURTS, PHYSICIANS, PATIENT care, ECONOMICS
Abstract

The article discusses the potential concerns physicians may face regarding their medical malpractice insurance coverage when dealing with malpractice cases. It highlights the importance of understanding the exclusions and limitations of malpractice insurance policies, especially considering the high costs associated with defending such cases.

Published
2023