Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Category Archives: Privacy

Are Perceptions About Cloud Security and Availability Overblown … and Wrong?

– It appears that the greatest hindrance for organizations to move their applications and data into the cloud is concern about security and availability. While it is arguable whether or not security and privacy risks and system failure rates and durations are greater overall for cloud-based…

Convenience vs. Data Breaches … Avoidance is an Answer

– In “If You’re Collecting Our Data, You Ought to Protect It” in the Business Section of The New York Times of February 17, 2013, Natasha Singer describes how a data breach involving the personal nonpublic information of some 40,000 current and former NASA employees was preceded by an…

Review and Critique of Generally Accepted Privacy Principles — Part 4

– 2.4. GAPP Assessment Procedures GAPP Approach: Again, the AICPA and CICA claim that each of GAPP’s 10 privacy principles is supported by “relevant, objective, complete, and measurable criteria.” Critique: While in many cases it is obvious how an auditor should test compliance…

Review and Critique of Generally Accepted Privacy Principles — Part 3

– 2.3. The Structure of GAPP Apart from the problem of how to determine the scope of personal information, GAPP faces a further problem concerning how to interpret the overall framework.  In database terminology, GAPP may be thought of as a database consisting of two tables: principles and…