Two recent breaches at the Utah Department of Health and Howard University Hospital in Washington, DC, indicate the weaknesses at some healthcare organizations, reports Chiropractic Economics. The breaches are a "wakeup call that simply complying with regulations that are not part of an overall security program can put the organization at serious risk," said Neil Roiter, research director at Corero Network Security. "The reported explanation on the part of the Utah officials that the stolen data wasn't encrypted--a basic security fundamental--because federal regulations don't require it, attests to this point," he said. Axis Technology's Joe Santangelo suggests organizations encrypt data, implement data leak detection and monitor network traffic, among other safeguards.
If you want to comment on this post, you need to login.