Revelations that Google's Gmail and Sony Pictures were both targeted by hackers highlights growing concerns about cybersecurity and the sophistication - and frequency - of attacks, as well as how to keep the public informed about such incidents.
"Just securing the data is no longer enough," says Trevor Hughes, head of the International Association of Privacy Professionals. 'Privacy professionals, in addition, need to prepare for what happens when things go wrong."
Organizations looking to improve their privacy management in the event of a breach "have to continually plan and prepare," says Nationwide's Chief Privacy Officer Kirk Herath. That means putting into writing a comprehensive plan.
The recent Sony and Epsilon breaches sent a strong reminder that companies lack transparency and aren't prepared to respond to a breach once it occurs, says Kirk Herath, Chief Privacy Officer at Nationwide Insurance Companies.
From Epsilon to Sony, recent data breaches and legislative trends tell a dramatic story about the turbulent state of privacy worldwide, according to J. Trevor Hughes, head of the International Association of Privacy Professionals.
Organizations participating in the Nationwide Health Information Network initiative should use digital certificates that meet standards already required for federal agencies, the Privacy and Security Tiger Team is recommending.
The recent data breaches at Epsilon and Sony should send a chilling message to privacy officers everywhere. "You can't prepare enough," says Kirk Herath, chief privacy officer of Nationwide Insurance Companies.
Kirk Herath, Chief Privacy Officer at Nationwide Insurance Companies, has been in privacy management for more than a decade, and he has two main concerns about today's enterprise: Mobile technology and cloud computing.
"Updating this law to reflect the realities of our time is essential to ensuring that our federal privacy laws keep pace with new technologies and the new threats to our security." says bill sponsor Sen. Patrick Leahy.
A June 13 conference in Washington on protecting patient privacy, co-sponsored by a privacy advocacy group, will include discussions designed to pinpoint research needs and make technical, educational and policy recommendations.