[Dataloss] Report: Data breaches from unencrypted devices up 525% in 2011

From: security curmudgeon (jerichoattrition.org)
Date: Fri Feb 03 2012 - 03:28:51 CST


---------- Forwarded message ----------
From: InfoSec News <alertsinfosecnews.org>

http://www.fiercehealthit.com/story/report-data-breaches-unencrypted-devices-525-2011/2012-02-01

By Dan Bowman
FierceHealthIT
February 1, 2012

Healthcare organizations need to "serve as their own watchdog" to increase
security and decrease data breaches, a new report from IT security audit
firm Redspin concludes. The increase in "bring your own device" policies
at various hospitals, in addition to the continued implementation of
electronic health record systems, is too much for government alone to
regulate, the report's authors say.

The report digs into the latest major data breach figures--those breaches
impacting 500 or more individuals--released by the U.S. Department of
Health & Human Services' Office for Civil Rights. With the addition last
week of the 2011 Sutter Health breach, which impacted 4.2 million
patients, the number of major healthcare information breaches now sits at
385 since 2009.

"The Federal government is unlikely to mandate that all portable devices
that store [electronic personal health information] be encrypted, but it's
an obvious and sensible policy for a healthcare organization to adopt,"
the authors say. "Taking it further, why not require that all mobile
devices in the healthcare workplace be encrypted, even if ePHI is not
allowed on them?"

According to the report, nearly 40 percent of all major PHI breaches
occurred on a laptop or other portable media device, a problem the authors
say isn't likely to go away anytime soon. "Portability is here to stay,"
they write. "The BYOD revolution is well underway, yet 50 percent of
respondents in a recent healthcare IT poll say nothing is being done to
protect data on those devices."

[...]
_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list
