[ISN] Medical Data At Risk

From: InfoSec News <alerts_at_private>
Date: Thu, 8 Apr 2010 00:18:33 -0500 (CDT)
http://www.informationweek.com/news/healthcare/EMR/showArticle.jhtml?articleID=224201775

By Nicole Lewis
InformationWeek
April 7, 2010 

A new study from the Healthcare Information and Management Systems 
Society reports that since January 2008, more than 110 healthcare 
organizations have reported the loss of sensitive patient data affecting 
over 5,306,000 individuals.

The findings, published in the 2010 HIMSS Analytics Report: Security of 
Patient Data, show that the vast majority of the 250 healthcare IT and 
security professionals surveyed have policies, procedures and technology 
in place at their organizations to prevent data theft. But changes made 
to protect medical records haven't curbed the number of reported 
breaches, which increased six percent since 2008.

HIMSS's Analytics unit did the study in partnership with Kroll Fraud 
Solutions, a provider of data protection and identity theft response 
services.

More than 40 percent of survey respondents reported that data loss 
incidents were caused by theft (stolen laptops, computers, or 
media/tapes. Another 27 percent were the result of loss or by staff or 
third parties; malicious insiders caused 20 percent; and 9 percent were 
caused by system hacks, Web exposure, and virus attacks.

The organizations in questions have security policies in place, said 
Brian Lapidus, Kroll's chief operating officer. But "the gap between 
security policy and actual behavioral change is still significant," he 
said.

[...]


___________________________________________________________
Register now for HITBSecConf2010 - Dubai, the premier 
deep-knowledge network security event in the GCC, 
featuring keynote speakers John Viega and Matt Watchinski! 
http://conference.hitb.org/hitbsecconf2010dxb/
Received on Wed Apr 07 2010 - 22:18:33 PDT

This archive was generated by hypermail 2.2.0 : Wed Apr 07 2010 - 22:23:56 PDT