Welcome!

SOA & WOA Authors: Elizabeth White, Mark Cravotta, Jason Bloomberg, Liz McMillan, Tad Anderson

Related Topics: Virtualization, SOA & WOA, .NET, Cloud Expo, Apache, Security, SDN Journal

Virtualization: Blog Feed Post

Lost Records a Day Shows Doctors Are Blasé

Health Care Privacy Challenges

I always wanted to write, ‘In the USA Today, today’ in the Life section snapshots sidebar there is an interesting stat from a December 2012 Ponemon Institute study of 80 health care organizations showing that the data lost or stolen most often are our medical records at 48% and billing/insurance records at 48% followed by payment details at 24%.  Multiple responses were allowed which is why the percentages break 100.  What is more alarming is that over the last two years, 94% of health care organizations have been breached at least once and 45% have had 5 or more incidents!  What is sad is that over half (54%) have little or no confidence that they can detect patient data loss.

patient privacy usatodayI know many of us often delay or avoid the doctors for fear that we might get diagnosed with something terrible but maybe now we’ll avoid with the notion, ‘eh, I’m healthy and I don’t want to be afflicted with identity theft disease.’  Ask your doctor about ITD – common side effects include increased heart rate, depression, headaches, loss of appetite and in some patients, bank account drainage. Why risk it?  Heck, the last time my wife went to her now previous doctor and asker her about how she complies with HIPAA, the doctor didn’t even know what that was!  How can that be?  How can a practicing physician be unaware of HIPAA?  That’s like a bank unaware of PCI or the numerous other financial regulatory requirements.  But is it ‘unaware’ or ‘just don’t care.’

The primary causes of health care data breach include lost or stolen devices along with employee or 3rd party mistakes and they only learned of the breach because of an audit.  Data gets moved around amongst various parties for multiple reasons it is often hard to determine who and where leaked it.

Suggestions include appointing senior security roles reporting to the board, securing mobile devices, using encryption, develop breach plans that are ready and tested, education and as more health care organizations turn to the cloud, understand and control that risk – whatever it may be.

Oh, and have a seat, we’ll be with you in a moment.

ps

Related:

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_facebook[1] o_twitter[1] o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]


Read the original blog entry...

More Stories By Peter Silva

Peter Silva covers security for F5’s Technical Marketing Team. After working in Professional Theatre for 10 years, Peter decided to change careers. Starting out with a small VAR selling Netopia routers and the Instant Internet box, he soon became one of the first six Internet Specialists for AT&T managing customers on the original ATT WorldNet network.

Now having his Telco background he moved to Verio to focus on access, IP security along with web hosting. After losing a deal to Exodus Communications (now Savvis) for technical reasons, the customer still wanted Peter as their local SE contact so Exodus made him an offer he couldn’t refuse. As only the third person hired in the Midwest, he helped Exodus grow from an executive suite to two enormous datacenters in the Chicago land area working with such customers as Ticketmaster, Rolling Stone, uBid, Orbitz, Best Buy and others.

Bringing the slightly theatrical and fairly technical together, he covers training, writing, speaking, along with overall product evangelism for F5’s security line. He's also produced over 200 F5 videos and recorded over 50 audio whitepapers. Prior to joining F5, he was the Business Development Manager with Pacific Wireless Communications. He’s also been in such plays as The Glass Menagerie, All’s Well That Ends Well, Cinderella and others. He earned his B.S. from Marquette University, and is a certified instructor in the Wisconsin System of Vocational, Technical & Adult Education.