Identity Theft and Credit Card Receipts – Is Your Slip Showing?

March 22, 2010

I’d like to think that it’s common knowledge that credit card receipts can be a prime opportunity for identity theft. However, too many of us simply crumple the receipts and throw them in the trash without a care. If the receipt shows your full credit card number and expiration date, this is an invitation for […]

Read the full article →

Podcast – Massachusetts Data Security Regulations

March 8, 2010

I recently had the opportunity to talk with Nick Fishman, co-founder of EmployeeScreenIQ who interviewed me on the Massachusetts Data Security Regulations and what they mean to businesses. Here’s a copy of the interview. Check out the EmployeeScreen blog at http://blog.employeescreen.com/ to learn more about pre-employment screening and the comprehensive methods EmployeeScreenIQ uses to ensure […]

Read the full article →

Truth or Delusion? – Myths and Misunderstandings about the Massachusetts Data Security Regulation. Part II

March 8, 2010

In my previous article, I discussed the lack of guidance from the Attorney General on implementation and enforcement of the new Massachusetts data security regulation. The law is aimed at protecting residents from identity theft by requiring practically every business with employees or customers in the state to implement a written information security plan (WISP). […]

Read the full article →

Truth or Delusion? – Myths and Misunderstandings about the Massachusetts Data Security Regulation. Part I

March 4, 2010

As of this past Monday, the nation’s “most comprehensive data protection law” went into effect, yet many questions remain as to how the regulation will be interpreted and enforced. The law was promulgated by the Office of Consumer Affairs and Business Regulation. While OCABR put it together, the Massachusetts Attorney General is charged with enforcement. […]

Read the full article →

Implementing Data Security Is Like Eating An Elephant

February 27, 2010

We all know how to eat an elephant. One bite at a time at a time, of course. Implementing a comprehensive data security program is no different – for many it’s a monumental task. It can only be accomplished by setting out a manageable, step-by-step plan. Easier said than done? Probably, but that doesn’t mean […]

Read the full article →

Small Businesses Most Vulnerable to Data Breaches That Lead to Identity Theft

February 24, 2010

We hear it every day. Criminals prefer the low hanging fruit – the easy mark that is not likely to detect the invasion and where the damage done is too small to justify a major investigation.  Identity thieves are no different. Most are not willing or able to target a major corporation with multiple layers […]

Read the full article →

New Identity Theft Law Aimed at Prevention – Heads Up Business Owners!

February 22, 2010

Do you have any customers or clients who live in Massachusetts? What about employees? If you answered yes to either of these questions, then you had better pay attention to the new identity theft law that takes effect on March 1. It almost certainly applies to you and your business and will require that you […]

Read the full article →

Five Things Every Business Needs To Know About The New Massachusetts Data Security Regulations (No Matter Where You are Located)

February 17, 2010

Massachusetts has passed what is considered the most sweeping privacy regulation in the nation. The Massachusetts data security regulation, 201 CMR 17.00, has far-reaching implications that affect nearly every business, large or small, that has even a single client, customer or employee located in Massachusetts. Unlike many of its federal counterparts, the Massachusetts regulation is a relatively easy […]

Read the full article →