"With the right people, process and technology, you could be able to put a system together that would greatly reduce the impact these types of attacks have," says cybersecurity expert Eric Cole, a SANS Institute faculty fellow.
Community hospitals must become more vigilant about information security, especially as they apply for federal electronic health records incentive payments, says Chuck Christian, CIO at Good Samaritan Hospital in Vincennes, Ind.
What's embarrassing about the WikiLeaks episode isn't just the precarious position the publication of diplomatic cables put the U.S. in with its allies but the likelihood that one, low-level analyst accessed sensitive data without authorization and then leaked them.
About 400,000 Puerto Ricans enrolled in the government's health insurance plan for the impoverished have potentially been affected by a breach incident involving unauthorized access to an Internet database.
There was good news and bad news in the past month about the official federal tally of major health information breaches. While only six new incidents were added in the past month, one of those cases affected more than 280,000 individuals.
Staff training, aggressive breach prevention efforts and strong sanctions for violating policies are key to creating a corporate culture that values privacy and security, says Alan Dowling, the new CEO of the American Health Information Management Association.
The Department of Veterans Affairs has taken steps to help ensure thumb drives lacking encryption cannot be plugged into its computers. The move comes following the discovery of an unencrypted drive containing personal information on veterans.
A Florida hospital is notifying approximately 40,000 of its emergency room patients about a breach incident involving stolen paper records that it believes might have affected about 1,500 of those patients.