Resources
Below are posts, articles, summaries, white papers, government agency reports, research studies, and other materials to help members develop background knowledge about some of the key developments and issues in the data breach area.
- White Papers
Data Breach - Are You Adequately Insured?
Data Breach - Are You Legally Compliant?
Background Checks on Current Employees
Uncovering Myths About Data Privacy for PEOs
Beware and Avoid Myths for Title Companies
Beware and Avoid Myths for Franchisors
- Reports
2014 Verizon Data Breach Investigations Report
Guidelines for Information Security Policy - NYS Office of Cybersecurity
Internet Crime Report 2011
Symantec Global Internet Security Threat Report
FCC - Cybersecurity for Small Business.
- Privacy Organizations and News Outlets
National Institute of Standards and Technology (NIST) - founded in 1901 and part of the U.S. Department of Commerce, NIST is one of the nation's oldest physical science laboratories. NIST’s Technology Portal provides a wealth of information concerning cyber security and standards for emerging information technologies and applications. Examples of some of the more helpful materials are provided below:
Guidelines for Conducting a Risk Assessment (Sept. 2012)
Security Incident Handling Guideline (Aug. 2012)
Malware Incident Protections for Desktops and Laptops (Aug. 2012)
Guidelines for Managing and Security Mobile Devices (July 2012)
Cloud Computing Synopsis and Recommendations (May 2012)
Guidelines for Securing Wireless Local Area Networks (Feb. 2012)
Guide to Protecting the Confidentiality of PII (Apr. 2010) - Electronic Privacy Information Center
EPIC is a public interest research center in Washington, D.C., established in 1994 that focuses public attention on emerging civil liberties issues relating to privacy, the First Amendment, and constitutional values. Below are links to helpful resources provided by EPIC:
E-mail and Online Newsletter
Online Guide to Privacy Resources
Legislative and Other Developments Concerning Cybersecurity
Protecting Children's Privacy Online - Privacy Rights Clearinghouse
PRC is a California nonprofit corporation with a two-part mission -- consumer information and consumer advocacy. It was established in 1992 and is based in San Diego, California.
Comprehensive List of Reported Data Breaches Since 2005
- International Association of Privacy Professionals (IAPP)
IAPP is the largest and most comprehensive global information privacy community and resource established to, among other things, help organizations manage and protect their data. IAPP’s resources include:
A Guide to Data Governance for Privacy, Confidentiality, and Compliance
The Daily Dashboard, a FREE daily enewsletter (subscription required)
- Active Blogs and News Sources
Concerning Data Privacy, Security and Data Breaches:
PHIPrivacy.net
Privacy.org
SCMagazine.com
PogoWasRight.org
Databreaches.net
Workplace Privacy, Data Management and Security Report
Privacy Law Blog
- Governmental Resources
FTC - Consumer Protection and Privacy at Federal Level:
Business Center
Children's Privacy
Data Security
U.S. Dept. of Health and Human Services – Provides information concerning “protected health information” under HIPAA, HITECH and the Patient Safety Rule:
HIPAA Breach Notification Guidance
Frequently Asked Questions
Summary of the Privacy Rule
Summary of the Security Rule