funsec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Data Loss - Bad Policy or Bad Enforcement of Good Policy (is there a difference?)

From: "Todd Towles" <toddtowles () brookshires com>
Date: Mon, 30 Jan 2006 09:11:50 -0600
Fergie wrote:

Three words: Bad policy enforcement.


True, but sometimes it is enforcement of a bad policy that is the
problem.

 http://www.networkworld.com/news/2006/012706-patients.html

"About 365,000 hospice and home health care patients in Oregon and
Washington are being notified about the theft of computer backup data
disks and tapes late last month that included personal information and
confidential medical records...The tapes and disks were taken home by
the employee as part of a backup protocol that sent them off-site to
protect them against loss from fires or other disasters. That practice,
which was only used by the home health care division of the hospital
system, has since been stopped, said health system spokesman Gary
Walker."

-Todd


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: