Information security is serious business… It seems that it takes events like the one described here by Evan Francen at FRSecure, to get peoples attention… but wait… “This could never happened to us”…. really?

Victims:

“patients who received medical services at South Shore Hospital – as well as employees, physicians, volunteers, donors, vendors and other business partners associated with South Shore Hospital – between January 1, 1996 and January 6, 2010″

Number Affected:

“approximately 800,000″

Types of Data:

“individuals’ full names, addresses, phone numbers, dates of birth, Social Security numbers, driver’s license numbers, medical record numbers, patient numbers, health plan information, dates of service, protected health information including diagnoses and treatments relating to certain hospital and home health care visits, and other personal information. Bank account information and credit card numbers for a very small subset of individuals also may have been on the back-up computer files”

Breach Description:

“Back-up computer files containing personal, health and financial information of thousands affiliated with South Shore Hospital may have been lost by a professional data management company.”

The rest of the story…

About FRSecure:

FRSecure LLC is a full-service information security consulting company. We are dedicated to providing value to our clients through well designed, implemented, and managed information security solutions. Our mission statement:

We take the time to understand our client’s business and align information security initiatives with their goals and objectives. In so doing, our clients benefit from solutions that help to drive business and add to the bottom line. Information security does have to be a cost center.

FRSecure works with businesses of all sizes, in all industries. We understand that our clients are in business to make money, so we design secure solutions that drive business, protect sensitive information assets, and improve their bottom line.

Jul 14, 2010 | 04:50 PM

By Tim Wilson
DarkReading

Two Major Breaches Caused By Loss Of Physical Media

Online attacks might be getting more sophisticated every day, but two incidents last week are reminding the industry that the loss of physical storage media is still among the most common causes of data breaches.

Recent studies indicate that the theft of physical media remains one of the most common causes of data breaches. Both AMR and the California DHCS have discovered that the hard way.

read more…

Scandal: Most “Recycled” Computers are Not Recycled
posted by Howard Fosdick on Wed 7th Jul 2010 16:58 UTC

Last month, I described how the computer industry encourages planned obsolescence in order to sell more product. This business model exacerbates the problem of computer disposal because it artificially shortens computer lifespans. This increases production and, ultimately, the numbers requiring disposal. One result is that  e-waste — electronics waste — is one now one of our most pressing environmental challenges.

There are about one billion PC’s in use worldwide. There are an additional several hundred million sitting in basements and attics awaiting disposal. Given average lifespans of only two to five years, a tidal wave of computers requiring disposal sweeps towards us. In the United States, the vast majority will not properly disposed of.

What toxins do consumer PC’s contain? Where do they end up? And what can you do about it?

Read More…

Howard Fosdick (President, FCI) is an independent consultant who specializes in databases and operating systems. He’s been active in computer reuse and recycling as a hobby for over fifteen years.

1942 lbs of Secure Data!!

1295 Drives Shredded This Morning, at the customer’s location… “zero” data breach, “zero” landfill. All in all, I’d say it was a pretty good day!!  – Please call us or click the “quote request” button on the right side of this page.

Follow RenovoData Services on Twitter

Friend us on Facebook

“House bill 2221, the Data Accountability and Trust Act, sponsored by Rep. Bobby Rush, would require the Federal Trade Commission (FTC) to publicize regulations requiring people and corporations engaged in interstate commerce who own or are in possession of electronic data that contains personal information to establish security policies and procedures. The legislation also would authorize the FTC to require the standard method or methods for destroying obsolete nonelectronic data and would require information brokers to submit their security policies to the FTC in the case of a security breach notification or at the request of the FTC. The FTC would be required to audit an organization’s security practices following a breach. ”

https://www.sdbmagazine.com/news/news.asp?ID=9307&AdKeyword=data+security+bill

Today we received a cease and desist notice from NAID (National Association for Information Destruction). In speaking with the NAID membership director we were informed that there was no record of an application being received by NAID and that we, were indeed not a member. This was alarming to us, as we believed that we were members on NAID.

A quick search through our files turned up an application signed and dated September 2009. More digging is being done to determine if there was a corresponding credit card charge for NAID membership dues. In the mean time we have removed the NAID logo from our website and will refrain from disseminating any printed material containing the NAID logo.

From its inception, RenovoData Services has always intended to be a member in good standing with NAID. We see NAID as a “better business bureau” for the information destruction industry, bringing credibility to member companies. We see great value in belonging to the organization and displaying the NAID logo.

We are committed to resolving this issue quickly. If we indeed are in error, we will rectify the situation and seek membership in NAID immediately. We apologize for any inconvenience that this may have caused our clients and/or partners.

We will rectify this issue immediately. In the interim, please feel free to contact me with any questions you may have.

Frank Gustafson
President/CEO
RenovoData Services, Inc
952-715-3301

Please note, our event is not for all types of e-waste. For a small fee, RenovoData Services will collect only the following:
- Computers—$10, including its monitor, keyboard and/or mouse
- Printers or additional monitors—$10
- Computer hard drives—$10. Hard drives will be shredded on-site if removed from the case
- Personal digital assistants (PDAs) or cell phones—no charge
- Flash drives—no charge

Date: November 14, 2009

Hours: 8 a.m. to 2 p.m.

Location: Education Center, 8040 Mitchell Road, Eden Prairie, Minn., 55344 (enter off Technology Drive, west of Mitchell Road)
Bring us your old, unused cell phones and help the Quarter Million Phone Project!

Keep your cell phone out of the landfill and safeguard your personal data. We will repurpose or recycle your cell phone, and we guarantee it will not be incinerated or dumped into a landfill.

Help us reach our goal to collect a quarter of a million cell phones.

Eighty percent of e-waste is not recycled properly. Much of it ends up overseas in cities in developing countries such as Accra, Ghana, and Guiyu, China.

The shipping of cathode ray tube (CRT) computer monitors and televisions from the United States to overseas countries is not illegal. Rules set up in 2007 by the EPA stipulate a company only needs approval from the EPA and approval from the receiving country to ship the e-waste. As long as both parties agree, no law has been broken. These rules do not apply to other electronics such as computers.

But according to the General Accounting Office, the EPA’s enforcement of these rules has been lax.

A tool to curb e-waste, but one the United States has refused to ratify, is an international agreement known as the Basel Convention. Since the 1990s, it has restricted trade in hazardous waste by other countries.

Economics is the big player in this drama. According to an October 15, 2008, report in Business Week, in Hong Kong, the e-waste import center of Asia, a container of unprocessed monitors and televisions that sells for $5,000 can net profits of $4,000, according to people familiar with the trade.

The CBS 60 Minutes report “Following the Trail of Toxic E-waste” exposed the truth about Guiyu, China, a city run by people who don’t want to lose the lucrative toxic moneymaker. According to the report, computers are broken up for recycling using the most primitive of methods: bare hands, a coal fire to melt lead solder, and what CBS called a medieval acid recipe to extract gold. Scientists have studied the area and discovered that Guiyu has the highest levels of cancer-causing dioxins in the world.

The workers are peasant farmers who can’t make a living on the land. Destitute, they’ve come by the thousands to earn $8 a day breaking down computers.

According to CNN, some signs of progress are being made, however. Nokia, Philips and Samsung are setting up voluntary collection and recycling systems in countries where they are not legally obliged to. Apple claims its products are now almost entirely free of the worst toxic chemicals.

Information gathered from:
Oct. 15, 2008; Business Week E-Waste:The Dirty Secret of Recycling Electronics.

August 10, 2009; CNN: Sifting through the mounting problem of e-waste.

August 30, 2009; CBS: Following the Trail of Toxic E-Waste.

Guaranteed Zero Landfill Policy