Information security analytics

The Belfast office of Anglo Irish Bank is at the centre of an investigation after it accidentally released information on 500 UK customers. A bank executive emailed a Northern Ireland client a spreadsheet containing details of derivatives transactions carried out on behalf of the customers. The bank has informed financial regulators in Dublin and London and is contacting the 504 customers involved. It said there is no security risk to any client's accounts.

Royal Navy investigators flew to Belfast last week after a memory stick containing "restricted" information on naval manoeuvres and personnel around the UK was reported missing. The Observer has learnt that two senior detectives from the Royal Navy Police's Special Investigation Branch met members of the Police Service of Northern Ireland to investigate the issue.

The Information Commissioner’s Office (ICO) has found Verity Trustees Ltd to be in breach of the Data Protection Act after the Trustees reported the theft of a laptop computer containing the names, addresses, dates of birth, salaries and national insurance numbers of around 110,000 individuals.

A hard drive with seven years of personal and medical information on about 1.5 million Health Net customers, including 446,000 in Connecticut, was lost six months ago and was first reported Wednesday, state and company officials said. The insurance company informed the state attorney general's office and the Department of Insurance Wednesday of the security breach that puts personal medical records at risk in a historic lapse, the first of its kind to be publicly reported.

A recent survey of 77 healthcare organizations discovered that almost every single one of them said they are not ready to comply with the privacy and security provision of the Health Information Technology for Economic Clinical Health Act, which goes into effect in February.

THE NSW government plans to create three new identity offences - trafficking in identity data, possession with intent to commit a crime, and possession of equipment for the purpose of identity theft - in an overhaul of the state's Crimes Act. The new laws will apply to offences committed offline and online.

Starting Nov. 2, 2009, Ohio regulators and all insurance companies that do business in the state will begin new procedures designed to protect policyholders' personal information. Insurance companies will be required to report any loss of policyholder information within their possession to the Department of Insurance within 15 days of the discovery that the information has been lost or stolen, according to Insurance Director Mary Jo Hudson.

Computerworld - Privacy and civil rights advocates accused the U.S. Department of Health and Human Services of trying to neuter a landmark data breach notification law for health care organizations that is scheduled to go into effect next week.

Industrial manufacturing giant DuPont has sued an employee it claims was planning to smuggle trade secrets to China, according to a report this week in The News Journal of Delaware. The employee, Hong Meng, a senior research chemist, admitted to DuPont security officials that in August he downloaded confidential company files from his company-issued laptop to an external hard drive. The data included research on organic light-emitting diode (OLED) technology, said the report, citing court papers.

United States Attorney Joyce White Vance announced that Isaac Earl Smith, 38, and Annetra Poole-Moore, 37, have agreed to plead guilty to federal crimes involving health care fraud, disclosures prohibited by the Health Insurance Portability and Accountability Act (HIPAA), and aggravated identify theft.