Richard Thomas, head of the Information Commissioner's Office (ICO) in the UK, told Parliament that CEOs should be responsible for the protection of confidential data in their firm's possession, and should face criminal charges in the event of data loss.This recommendation comes in the wake of recent high-profile data breaches, in particular the loss of unencrypted information on 25 million UK citizens by UK Revenue & Customs (HMRC).
Latest from Michael Krigsman
Social security numbers belonging to as many as 5000 Wisconsin taxpayers were exposed because of a bad letter template used with a misaligned letter folding machine during a state tax form mailing. The letter format placed the social security number too close to the address field, causing it to be exposed outside the envelope.
The Office of Management and Budget (OMB) reports that the number of federal government high-risk IT projects has declined since the start of this year. This information is presented in two reports: the quarterly project High Risk List and the Management Watch List.
The UK Identity & Passport Service (IPS) has released an excellent post-implementation assessment report describing lessons learned from five key 2007 projects. In an unusually transparent move for any government agency, the report candidly examines each project's objectives, deliverables, and areas for improvement.
Back in the 2001 time frame, the Office of Government Commerce (National Audit Office) in the UK established a program for avoiding large-scale IT failures. The program, called the Gateway Process, established a series of evaluation milestones, or gates, against which a project must be reviewed over its lifecycle.
About a year ago, the FBI annouced they had this little problem: the agency built a software system, called the Virtual Case File, that never saw the light of day. You see, the software designers never asked the users what they actually did need.
According to a recent report from Parliament, Her Majesty's Revenue and Customs (HMRC) in the UK continues to pursue EDS for compensation over a major failed IT implementation. The settlement totals £71.
A laptop containing confidential information belonging to employees and suppliers of UK newspaper, the Daily Mail, was stolen. According to the Guardian, the missing data consists of name, address, bank account number and bank sort code belonging to affected staff.
The "IT system used to identify terrorist threats that has been crippled by technical flaws," according to a memo from the House of Representatives. The failed system is part of a central US government repository of data called the mother of all databases.
Marin County voted to stop an ongoing SAP project, implicitly accepting that it wasted over $30 million on software and related implementation services from Deloitte Consulting.