Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Subscribe
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Subscribe
    Home Cybersecurity
    • Cybersecurity
    • Database
    • Storage

    Data Breaches Hit 113 Health Care Organizations, Report Says

    Written by

    Brian T. Horowitz
    Published August 2, 2010
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      A total of 113 health care facilities have been hit with data breaches in 2010, compared with only 39 banking/finance firms, according to a July 28 report by the Identity Theft Resource Center.

      Hospitals are vulnerable to insider data breaches with the multitude of doctors, nurses, lab technicians, janitors and food service personnel circulating throughout the facility, according to Jay Foley, executive director of the ITRC.

      In one incident reported by the ITRC, a former UCSF (University of California, San Francisco) Medical Center employee used fellow workers’ Social Security numbers to fill out health surveys that won him hundreds of $100 vouchers for an Amazon.com shopping spree. The former employee pleaded guilty to wire fraud in federal court.

      In another case cited in the ITRC report, the Colorado Department of Health Care Policy & Financing notified 105,470 clients receiving state-provided health insurance that a hard drive had been stolen containing their state ID numbers.

      The organization obtained its information on the health care data breaches from the U.S. Department of Health and Human Services, Foley told eWEEK. To qualify as a breach, the data had to include financial account information, as well as driver’s license and Social Security numbers, he explained.

      Meanwhile, BridgeHead Software, a storage-virtualization firm, reported in its International 2010 Data Management Healthcheck survey that 69 percent of health care organizations expect their volume of stored data to increase this year. However, by comparison, only 44 percent of hospitals surveyed planned to make disaster recovery a top IT spending priority.

      Frank Kenney, vice president of global strategy at Ipswitch, noted that health care facilities are not complying with HIPAA (Health Insurance Portability and Accountability Act) and regional government regulations on data privacy. Even signing your name in at the front desk in a doctor’s office for all to see is a breach of HIPAA regulations, according to Kenney.

      Having a nurse encrypt your signature digitally would be better, he said.

      Kenney told eWEEK that full compliance and visibility as well as avoiding storage of personal medical data on flash drives and CD burners are essential measures to averting data breaches.

      As Verizon reported in its 2010 Data Breach Investigations Report, in collaboration with the U.S. Secret Service, 48 percent of data breaches across all industries were caused by insiders. “There’s a fairly significant amount of breaches coming from insiders who have access to the data,” Kenney said.

      One heavily publicized example occurred in 2008 when the UCLA Medical Center fired employees for selling the health records of Britney Spears and Farrah Fawcett to the National Enquirer.

      Most hospitals are focused on preventing unauthorized access by outsiders, using firewalls, rather than preventing intrusion by insiders, said Phil Neray, vice president of security strategy for IBM’s Guardium security platform, which analyzes transactions in databases for suspicious activity. “Firewalls have been insufficient in preventing unauthorized access by insiders,” he told eWEEK.

      On July 19, South Shore Hospital, in South Weymouth, Mass., reported the potential loss of 800,000 backup files containing personal, health and financial information of patients, physicians and other individuals connected with the medical facility.

      With double the amount of data breaches for health care facilities (108) compared with banking/finance firms (39), the financial institutions are more equipped to monitor database activity than health care companies, according to IBM’s Neray. “All of the major banks have implemented this technology, but very few hospitals have,” he said.

      Neray noted that the health information exchanges outlined under federal meaningful use guidelines of electronic medical records will centralize data in big data warehouses, thereby increasing the risk for data breaches.

      The Web is a vulnerable spot as far as data breaches, noted Michael Maloof, CTO of TriGeo Network Security, which makes the TriGeo Security Information Management device. “Going through the [ITRC] report, I did see a number of cases that referred generically to server breach. The vast majority of these are from client-based breaches based from the Web,” he told eWEEK.

      If a breach does occur, ITRC’s Foley said it’s important to take a snapshot of your system to provide to law enforcement. “No matter who you had in your organization, there will always be some thief to create grief and havoc for you,” he said.

      Brian T. Horowitz
      Brian T. Horowitz
      Brian T. Horowitz is a technology and health writer as well as a copy editor. Brian has worked on the tech beat since 1996 and covered health care IT and rugged mobile computing for eWEEK since 2010. He has contributed to more than 20 publications, including Computer Shopper, Fast Company, FOXNews.com, More, NYSE Magazine, Parents, ScientificAmerican.com, USA Weekend and Womansday.com, as well as other consumer and trade publications.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.