Wednesday, November 17, 2010
Report shows that almost one of three Hawaii residents affected by security breaches, 54% of those by UH
by Larry Geller
The report gives insights into the breadth and depth of the UH security lapses, but also indicts Hawaii’s laws as inadequate to protect personal information.
From their press release, key findings of the report include:
- Since 2005, at least 479,000 Hawaii records have been breached: Almost one for every three residents.
- The University of Hawaii is responsible for 54% of all breaches in Hawaii (259,000 records); more than all other Hawaii organizations combined.
- As the single biggest contributor to Hawaii data breaches, the University of Hawaii has a pattern of breaches and unfulfilled promises.
- The Liberty Coalition gives the University of Hawaii an "F" for Privacy and Data Security
- Neither business nor academic organizations have adequate market incentives to keep personal information secure.
- Breach notifications are vague and fail to empower victims. Victims cannot know which breach caused identity fraud, cannot hold organizations accountable, or protect themselves.
- After a brief rest from breaches in 2008, Hawaii is experiencing another spike in reported breaches.
- Hawaii breach notification law implies that corporations can “own” personal information. This notion has no basis in intellectual property law and is dangerous