HIPPA requirements, which effect any business that deals with medical information, should be expanded to cover all kinds of personal information. This would mean that, at the very least, all access to the data is logged so that a report can be generated that shows who access the data, at what date and time, and what was changed.
Hand in hand with this would be the very basic concept of securing the data. I'm just completely baffled by the fact that government agencies allow their employees to carry confidential information around on laptops or CDs and allow those laptops to leave the workplace.
technorati tags: identity theft laptop stolen laptop
Comment Preview