Data Breaches

Business partners, outsourcers, service providers or consultants — companies regularly make use of outside resources to handle business functions. In our 24/7, always-online business environment, these outside resources are often granted access to internal IT, whether through minimal access via an externally-available email account, though a vendor portal, or via a VPN tunnel. Such access granted to outsiders effectively extend an organization’s security “attack surface.” How well is that...

The Ponemon Institute and IBM recently released the 2014 Cost of Data Breach study, showing that the cost of data breaches continues to rise, up to $145 per lost record over the $136 from 2013. The average cost to a company was $3.5 million, 15% higher than the 2013 cost. This is the 9th year of this report, analyzing actual data breach experiences from more than 250 organizations from 11...

The Health and Human Service (HHS) Department’s Office for Civil Rights (OCR) recently settled with two organizations for a combined $1,975,220 penalty after their unencrypted computers were stolen. As the two most recent data breach settlements, this sends a strong message about the importance of endpoint security in healthcare. Concentra Health Services (Concentra) has agreed to pay OCR $1,725,220 to settle potential violations following the theft of an unencrypted laptop...

Following the breach at Medicentres, where a stolen laptop of a Medicentres IT consultant led to the breach affecting 620,000 patients, there has been a renewed discussion on the importance of endpoint security in healthcare. The stolen Medicentres laptop contained the unencrypted personal health information of 620,000 Albertans, including names, dates of birth, health card numbers, billing codes and diagnostic codes. The laptop was stolen in September, 2013 and...

The Government Accountability Office (GAO) released a report today indicating that data breaches at federal agencies involving personally identifiable information (PII) have been on a steady incline for the past 5 years. The report, Federal Agencies Need to Enhance Responses to Data Breaches, shows that these breaches have more than doubled in the past 5 years: The federal government collects large amounts of PII from the public, including taxpayer data, Social Security...