Feb 052010
 February 5, 2010  Posted by  Breaches, Non-U.S.

Kathleen Lau reports:

Ontario Privacy Commissioner Ann Cavoukian has taken issue with a security vendor’s criticism of her recent report following the loss of a USB key containing patient health data at Durham Health region.

Earlier this week, Websense Inc.’s Canadian country manager Fiaaz Walji said Ann Cavoukian’s order that the Durham Health Region should “strongly encrypt” its data when stored on a portable device like USB stick or laptop is just one step that ought to be required among many others. “She’s absolutely right that it should be encrypted, but I think encryption is one piece of it,” said Walji.

In response, Cavoukian disagreed that her report focuses solely on encrypting data on mobile devices and that it does require that health authorities assume an enterprise-wide system of data protection that includes training employees on written policies and practices regarding role-based data access, lifecycle data management and data minimization.

Read more on itWorldCanada.

Sorry, the comment form is closed at this time.