Data Breach Resources
This section offers links to information about data breaches and the impact they
can have on individuals and organizations. The resources presented here can help
you stay informed and be better equipped to protect your organization,
customers, employees and key stakeholders.
Organizations and Links
Databreachwatch.org provides up-to-date information on data breach alerts,
articles, news and events. Security and privacy officers can rely on this single
site for continually updated data on data breaches.
The FTC's website provides information on how affected organizations should deal
with a data breach, including how to notify individuals whose data has been
compromised and how to work with law enforcement.
The Secret Service investigates crimes associated with financial institutions,
and has a long history of protecting American consumers and industries from
financial fraud. It assists victims in contacting relevant investigative and
consumer protection agencies and works with other federal, state and local law
enforcement and reporting agencies to identify perpetrators.
The Privacy Rights Clearinghouse (PRC) is a nonprofit consumer and advocacy
organization. The PRC site provides information on how individuals can protect
their privacy and maintains an extensive chronology of data breaches reported
since 2005.
The National Conferences of State Legislatures' website contains information on
state security breach notification laws, recommended practices on notice of
security breaches and general resources on state and federal laws that address
policies and strategies for combating identity theft.
Christiansen IT Law provides information technology-related legal services to healthcare and financial organizations, technology services companies, governmental agencies and professional services firms.
Apgar & Associates, LLC provides expert privacy, information security, regulatory and electronic heath information exchange consulting services to the health care and financial services industries across the U.S.
To improve the efficiency and effectiveness of the health care system, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Public Law 104-191, included Administrative Simplification provisions that required HHS to adopt national standards for electronic health care transactions and code sets, unique health identifiers, and security.
Government Health IT is the definitive source for news and information on how government is driving the adoption of information technology in healthcare.
HITRUST Central is an innovative and powerful tool that promotes interaction and collaboration between IT security and compliance professionals across all aspects of the healthcare industry.
White papers, research reports and
legislation
The Ponemon Institute, April 2008
New 2008 study on how response to a data breach impacts customer views and
opinions that in turn effects retention and churn.
The President's Identity Theft Task Force, April 2007
CyberSource, 2008
Managing online fraud continues to be a significant and growing cost for
merchants of all sizes. Total losses from online payment fraud in the U.S. and
Canada have steadily increased as eCommerce continues to grow. The online fraud
study analyzes benchmark data and practices.
The Better Business Bureau (BBB) and the American National Standards Institute
(ANSI), January 2008
BBB and ANSI have teamed up to create a "one stop shopping" resource that would
help arm businesses and other organizations with the tools they need to combat
ID theft and fraud and protect consumers - and themselves - from the risks
associated with these crimes.
ID Experts in Academia
ID Experts is dedicated to supporting academic research in the fields of identity
theft and consumer and corporate fraud.
Learn more about ID Experts in
Academia