|| Print ||
|Articles - July/August 2013|
|Monday, July 08, 2013|
BY SHAWN M. LINDSAY
As a business, do you ever handle or use a client’s credit card number or social security number? How about a client’s financial documents, date of birth, driver’s license number, medical records or any other sensitive personal information? If none of these, maybe your website collects information from children under the age of 13, or maybe you have a smartphone app that uses location services? For most of you, the answer will be yes, and the manner in which you handle the information is serious business.
Information privacy and data security issues involve nearly every facet of a business. With the rapid development of digital and information technology, businesses of every size now collect, process and warehouse all sorts of personal information with a variety of technologies, from USB drives to tablets to the cloud. The laws and regulations that govern the handling of personal information are numerous, complex, vary by location and are constantly changing. If a business does not take appropriate care to protect against prohibited access to or loss of personal information, it can be subjected to significant fines and, more important, considerable damage to its reputation.
A few recent examples illustrate the exposure to risk. In February of this year, while on vacation in Hawaii, a hospital surgeon had his laptop — containing personal health information of approximately 4,000 patients — taken during a burglary. The hospital involved offered patients free identity theft monitoring, among other things. This past March, the online note-taking servicer Evernote was hacked, and all of its 50 million users needed to reset their passwords. And late this spring, the Utah Department of Technology Services revealed that 780,000 individuals were affected by the theft of Medicaid information, including social security numbers. Utah had to send a report to the U.S. Department of Health and Human Services to assess potential violations of HIPAA.
Big businesses are not the only ones experiencing technology breaches. Breaches have recently occurred with small dental and medical offices, grocery stores and online retail stores. As a business, what can you do to protect your clients’ confidential information and reduce your potential liability? You can promote prevention, detection and correction.
Interestingly, most data breaches are caused by mundane events like employees losing a USB drive or smartphone, or unwittingly misusing the Internet. One way you can promote prevention is by educating employees. Negligent employees are the top cause of loss. Privacy and security risk is no longer just an IT department problem; it is everyone’s problem. Empower employees to take responsibility for the security processes in place. You can do that yourself, or there are partners that can help you do it. For example, Swan Island Networks offers a solution, Cybero, which provides employees with real-time alerts about the latest social engineering exploits, social media activism and manufactured scams.
You can promote detection by evaluating your risks and improving your compliance. You can do this yourself, or you can partner with experts to assist. For example, ID Experts is a Portland company that can conduct a compliance assessment, a penetration test, a security-risk analysis and an incident response test. With this information, you can then promote correction by formulating a comprehensive remediation plan.
What’s most important is to have a privacy and security team in place. When dealing with privacy and security risks, there is no margin for error. So get that team in place and make sure privacy and security is a priority. It’s always better to build a fence on top of the hill then have an ambulance at the bottom of the hill.
Monday, July 14, 2014
BY VIVIAN MCINERNY | OB BLOGGER
Some people think Amazon’s winking eye logo is starting to look like a hoodwink.
Tuesday, August 26, 2014
BY DEBRA RINGOLD | OP-ED CONTRIBUTOR
Why has six years become an acceptable investment in public undergraduate education that over-promises and underperforms?
Monday, June 30, 2014
Oregon Business magazine won two silver awards for excellence in writing in the National American Society of Business Publication Editors Western region competition.
Tuesday, July 08, 2014
BY LINDA BAKER | OB EDITOR
The New Yorker recently published a sharply worded critique of “disruptive innovation,” one of the most widely cited theories in the business world today. The article raises questions about the descriptive value of disruption and innovation — whether the terms are mere buzzwords or actually explain today's extraordinarily complex and fast changing business environment.
Update: We caught up with Portland's Thomas Thurston, who shared his data driven take on the disruption controversy.
Monday, August 18, 2014
Portland is in the middle of another construction boom, with residential and office projects springing up downtown, in the Pearl and Old Town. OB Web Editor Jessica Ridgway documents the new wave.
Friday, August 15, 2014
In this week's poll, we asked readers: "Who should pay for the troubled Cover Oregon website?" Here are the results.
Wednesday, August 13, 2014
BY TOM COX | OB BLOGGER
When I say, “Your Employee is Always Right,” I do not mean “right about the facts,” but rather “right about how they feel” and “right about how they want to be led.”
|The Private 150: Bigger But Leaner|
|The Perfect Food|
|Powerlist: Staffing Firms|
|Taxis Uber Alles?|
|Snapchat now worth $10B|
|Tomatoes may lower prostate cancer risk|
|WHO: Ban e-cigarette use indoors|
|Burger King to acquire Tim Hortons for $11.5B|
|Burger King in talks to buy Tim Hortons|
|Damage from Northern California quake could reach $1B|
|Yellen says job market hampered|
Vigilant enters a New Year with a new president.
How George Fox has become one of Oregon's largest private universities.
Forest Grove sees growth in the burgeoning food and beverage scene.
Lane Powell Shareholder William T. Patton has been appointed to the board of directors for Cascade AIDS Project, an organization that provides educational services and outreach to thousands of Oregonians living with HIV/AIDS.
Fifty-one Lane Powell lawyers were recently selected by their peers for inclusion in The Best Lawyers in America® (Best Lawyers) 2015; of those selected, 23 lawyers are from the Firm’s office in Portland, Oregon.
Barran Liebman is proud to announce that Andrew Schpak, a Partner of the firm, has been named Chair of the American Bar Association’s Young Lawyers Division for the 2014-2015 bar year.