Barbara Haven, blogging from California, refers to a major hack of a University of Texas administrative data reporting system which compromised information on 55,000 individuals. According to Infoworld, the attacker used a "blunt force" technique by programming inputs of millions of Social Security numbers into the system. Matched records were captured by the intruder.
On the last night of the legislative session, the state legislature passed substitute House Bill 105. Part 4 is now referred to as the Government Internet Information Privacy Act. This act applies to any state agency that maintains a public website. For purpose of the bill, personally identifiable information means name, account number, physical address, electronic address (I guess that could mean email or IP address), telephone number, or social security number.
According to the bill, before a government website can collect personally identifiable information, the website must contain a specific policy statement which (among other things) includes a general description of the security measures in place to protect a user's personally identifiable information from unintended disclosure. I think our standard privacy policy statement addresses the issues as outlined. We just need to review it to make sure.
The bill also requires the IT Commission to study the issue of popup ads. It would be nice to eliminate them, wouldn't it?
I am glad that Google is beginning to address issues associated the security of the Blogger product.
8:42:00 AM 
|
![[Valid RSS]](http://www.das.utah.gov/images/validrss.gif "Valid RSS"){kind=small}
