By:
On:
In: *Connecting the Dots Blog*, Incident Reporting, Information Privacy, Information Security, Regulatory Compliance

We have all heard the wise old saying….’One man’s trash is another man’s treasure’ and potentially we have yet another lesson learned for organizations who are obligated to protect their client’s personal information. In this lesson learned from Ohio, three large storage bins were stolen from outside of three different bank branches in three different cities.  Each of the three large storage bins contained paper that was waiting to be shredded and at least one of the storage bins contained personal documents of bank customers. A few questions this incident brings to mind: Should personal data be stored outside of buildings? Should trash/storage bins beRead More →

By:
On:
In: *Connecting the Dots Blog*, Information Security, Legal, Regulatory Compliance, Risk Management

Two recent headlines caught my attention: Construction Company Sues Bank for Money Lost in Cyber Scam Couple’s Lawsuit Against Bank Over Breach to Move Forward In both of these cases, banks are being sued for not taking adequate precautions that could have prevented cyber thieves from stealing money from the customers’ accounts.  The customers claim that the banks did not offer two-factor authentication and also failed to notice suspicious and anomalous behavior.  Therefore, the customers are claiming that the banks breached their duty to protect account holder information. These lawsuits could have significant ramifications and I will be curious to see the final outcome.  ShouldRead More →