SlideShare a Scribd company logo

Reasons for the Popularity of Medical Record Theft

OPSWAT
OPSWAT

After a slew of data breaches in 2014, the FBI warned the healthcare industry that cyber-criminals would be directing more attention their way in 2015. The healthcare industry has become an increasingly valuable target for cyber thieves, and in some cases, a much easier target to attack, due to their often less than adequate investment in cyber security. What is it about the healthcare industry that has captured the cyber criminals' interest in the last few years? This white paper covers various topics including industry data breach statistics, the value of credit card data versus medical record data, healthcare spending on cyber security and the impact of BYOD on industry vulnerability to data breaches. This white paper also highlights various solutions for protecting medical record data including multi-scanning, email security and the protection of endpoint devices.

Healthcare
1 of 14
Download to read offline
REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 1 PROTECTING MEDICAL RECORD DATA REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT
REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 1 Introduction After a slew of data breaches in 2014, the FBI warned the healthcare industry that cyber-criminals would be direct- ing more attention their way in 2015 [1]. The healthcare industry, valued at $3 trillion, has become an increasingly valuable target for cyber thieves, and in some cases, a much easier target to attack, due to their often less than adequate investment in cyber security. What is it about the healthcare industry that has captured the cyber crimi- nals’ interest in the last few years [2]? Overview of Data Breaches in 2014 At the end of each year, the Identity Theft Resource Center (ITRC) produces a comprehensive data breach report, which shows the total number of data breaches and records stolen for each industry represented [3]. The data is taken from credible sources, including the Attorney General’s website and includes data breaches that occurred in the year of the report or breaches that were made public in the year of the report. 2014 was a big year for data breaches in general; according to the ITRC, there were a total of 761 breaches in 2014, amounting in 83,176,279 exposed records. The following industries were included in the report: • Credit/Financial • Business • Education • Government/Military • Healthcare
REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 2 Of the industries represented, the healthcare industry had the highest number of total breaches in 2014: 322 out of a total of 761 breaches. Of this total, the healthcare industry accounts for 42.3% of total breaches, followed by business (32.7%), government/military (11.8%), education (7.6%), and finally the credit/financial industry (5.5%). In terms of the total amount of records stolen or compromised by breaches in 2014, the business sector had the highest at 65,896,115, followed by the healthcare industry at 8,255,247 records [4]. It might be surprising to some that the banking industry only had 1,185,492 records stolen compared to the healthcare industry, especially when you think about how frequently credit card fraud makes the news. It’s not often that you hear about someone who had their medical record stolen. Unfortunately, stolen medical record data is not usually reported in a timely manner; it can often take years before someone discovers that the data has been compromised. Unlike stolen medical records, stolen credit card information is usually reported rather quickly, due to banks’ monitoring for suspicious account activity.
REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 3 Comparing Medical Records to Credit Card Data In order to understand why the healthcare industry is such a big target for cyber-criminals, you have to understand the value of a stolen medical record. Personal banking information is still valuable to the average cyber thief, but it doesn’t have nearly as high of a payout as that of a medical record. Reuters placed a value on stolen medical information that is 10 times more than that of credit card data [5]. According to data collected from monitoring exchanges on the black market, the director of threat intelligence at PhishLabs estimates the value of stolen medical information to be around $10 per record, and that is on the low end of black market prices (see reference 7 below). Some sources claim that they can be sold for as much as $60 to $70 per record. In the ITRC report mentioned above, of 322 reported breaches for the healthcare industry, 289 breaches resulted in confirmed quantities for the number of records stolen. The average amount of records stolen per known breach was around 28,564. If each medical record is assumed to be worth a minimum of $10, then the average payout for cyber-criminals from each breach would be at least $285,640, and that is considered to be a conservative estimate. If a record were assumed to be worth around $60-$70, then the average payout would be over $1.7 million per breach [6]. Credit card data, on the other hand is worth around $1 per record, so cyber-criminals would have to steal at least 10 times as many banking records to realize similar profits. Medical records sell at a high price because they contain personal data such as names, addresses, social security numbers, birth dates, billing information, among other information. This information is used by cyber-criminals to create fake IDs that can be used to buy medical equipment or drugs that can be resold later, or to file false insurance claims using patient data [7].
REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 4 Industry Spending on Cyber Security Hospitals are often easier targets for cyber-crime because they lack the proper cyber security defenses [8]. Healthcare spending for cyber security is known to be low, compared to other regulated industries. Nuclear facilities, for example, are well protected as they have numerous safeguards in place to prevent the infiltration of outside threats [9]. In a 2012 report released by the Ponemon Institute, the healthcare industry listed a lack of funds as one of the main obstacles preventing them from taking the proper steps toward better data security practices [10]. ABI Research recently reported estimates that worldwide healthcare spending on cyber security will be around $10 billion by 2020 [11]. This may seem like a hefty sum, but it only amounts to about 10% of the amount spent on cyber security by the critical infrastructure industry. By comparison, the financial industry is expected to spend $9.5 billion in 2015 alone [12]. We know how much cyber-criminals stand to gain from a healthcare industry data breach, but how much do these data breaches cost the companies who are affected? According to another report released by Ponemon in 2014, the average cost of a data breach for a company in the healthcare industry was around $2 million over a two-year period [13]. When looking at potential damages of this magnitude, the case for investing in additional cyber security defenses becomes clearer. Healthcare spending on cyber security will be around $10 billion by 2020
REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 5 The Problem with BYOD One of the biggest concerns facing the healthcare industry is the increased adoption of BYOD by medical professionals. Physicians adopting BYOD and using personal laptops, smartphones and tablets is problematic because they may not be properly secured/in full compliance with HIPAA. According to a recent report, 88% of healthcare organizations said they permitted employees and other medical staff to use personal devices for work purposes [14]. More than half of those same organizations claimed they did not have visibility to the security status of those BYOD devices. If organizations are not certain of the security of a device, they how can they effectively protect any patient data contained therein? Although many healthcare organizations allow medical staff to use personal devices for work purposes, their IT departments do not adequately support that use [15]. There seems to be some sort of disconnect between the Electronic Medical Record (EMR) tools that are chosen by the IT department and the willingness of medical professionals to use those tools. Oftentimes, the medical staff decides against using new tools such as secure HEALTHCARE INDUSTRY ADOPTION OF BYOD 12% Organizations not permitting BYOD among 88% Organizations permitting BYOD among
REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 6 messaging and desktop virtualization because they find the technology to be too time-consuming to use. In a study recently released by Spyglass Consulting, 70% of physicians interviewed claimed that their IT department wasn’t making adequate progress towards supporting mobile computing and communication requirements [16]. This statistic was alarming because 96% of those same physicians claimed to be using their personal smartphone for clinical communication purposes. Inefficient support of physician’s mobile devices results in communication issues, which in turn leads to higher costs created by communication delays. In July of 2014, the Ponemon Institute found that the average annual cost for hospitals due to communication workflow issues was $1.75 million. The healthcare industry clearly needs to find a way to integrate BYOD trends without compromising the security of devices. IT SUPPORT OF MOBILE COMPUTING & COMMUNICATION REQUIREMENTS 30% Physicians with adequate IT support 70% Physicians without adequate IT support
REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 7 Solutions for Preventing Future Breaches With healthcare industry data breaches predicted to increase in 2015, organizations must take the proper precautions to avoid hefty fines resulting from HIPAA violations. Multi-scanning Technology As a requirement for HIPAA, installing an antivirus product is an important layer of protection. Metascan® multi- scanning technology leverages the power of over 40 antivirus engines to scan data as it enters an organization or is transmitted internally. By choosing multi-scanning, organizations reduce the risk that that malware will enter their network; what one antivirus engine doesn’t detect another often will. Metascan also provides document sanitization capabilities that allows users to prevent infections by advanced threats and/or zero-day attacks by converting potentially dangerous file types to remove embedded malware. To learn more about Metascan, please visit https:// www.opswat.com/products/metascan/explore. Protection of Endpoints If devices connecting to a hospital’s internal network cannot be confirmed as secure, then how can organization expect to avoid a possible data breach? Proper host checking and monitoring of endpoint security status is imperative as more physicians adopt BYOD practices. Traditionally this has been possible but not simple for managed devices, where IT has extensive visibility and control over each device touching the network. Non-IT managed assets, ranging from employee-owned PCs to Mac laptops and even Linux devices, provide significantly
REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 8 less visibility to IT departments. These devices may be running low-quality antivirus products, if any at all. Additionally they may or may not have full disk encryption in place, be running an unpatched operating system, or even be actively infected with malware or keyloggers. This endpoint visibility challenge is unique and difficult to address while still maintaining the spirit of BYOD policies. Some MDM (Mobile Device Management) products have addressed this using techniques like containerization and app-wrapping, but the issue is largely unaddressed for desktops and laptops. Gears is an endpoint compliance and monitoring tool that can be used to report the security status of a device. Gears is ideal for improving BYOD security, as it allows IT administrators to block or allow devices based on whether they meet certain criteria, such as having an antivirus or full disk encryption product installed. The application also reduces IT support costs as end users can self-remediate connection issues for industry-leading NAC and SSL-VPN solutions. To learn more about Gears, please visit https://www.opswat.com/products/gears. Improved Email Security A phishing attack is believed to be the cause of the recent Anthem breach, where stolen employee credentials were used to gain access to a secure network. In order to avoid this type of attack, the healthcare industry must invest in the proper email security software. Policy Patrol Security for Exchange provides the necessary tools for blocking spam and phishing emails and has a strict policy for preventing harmful content from being sent to or from an organization. Additionally, Policy Patrol can search email attachments for keywords and regular expressions, making sure no confidential content such as
REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 9 credit card data or social security numbers are sent via unsecured email. This is ideal for ensuring that patient data is not exposed via email. To learn more about Policy Patrol, please visit https://www.opswat.com/products/policy- patrol. Summary Industry-wide spending on cyber security remains low, despite the fact that healthcare is the largest target for cyber-criminals. If organizations in the healthcare sector want to reduce their risk of cyber-attack, they are going to have to re-evaluate their views on security. Too often, investment in cyber security occurs after a breach has already taken place and patient data has already been compromised. If organizations find the right security tools they can protect patient data while addressing organization-wide communication issues, saving the valuable time of medical staff and avoiding the potential loss of millions in data-breach recovery costs. About OPSWAT OPSWAT is a San Francisco based software company that provides solutions to secure and manage IT infrastructure. Founded in 2002, OPSWAT delivers solutions that provide manageability of endpoints and networks, and that help organizations protect against zero-day attacks by using multiple anti-malware engine scanning, data santization, and file filtering. OPSWAT’s intuitive applications and comprehensive development kits are deployed by SMB, enterprise, and OEM customers to more than 100 million endpoints worldwide.
REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 10 OPSWAT’s software management solutions offer streamlined technology partnerships between leading technology solutions and software vendors. By enabling seamless compatibility and easy management capabilities, we allow network security and manageability solutions to provide visibility and management of multiple application types installed on an endpoint, as well as the ability to remove unwanted or non-compliant applications. Our innovative multi-scanning solutions deliver anti-malware protection with increased detection rates and minimized performance overhead. In addition to maximizing detection rates, we provide the ability for customers to easily adapt our solutions to their existing infrastructure to add control over the flow of data into and out of secure networks.
REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 11 References [1] Jim Finkle, “Exclusive: FBI warns healthcare sector vulnerable to cyber attacks,” [Online]. Available: http://www. reuters.com/article/2014/04/23/us-cybersecurity-healthcare-fbi-exclusiv-idUSBREA3M1Q920140423. [Accessed 5 March, 2015]. [2] Mike Orcutt, “2015 Could Be the Year of the Hospital Hack,” [Online]. Available: http://www.technologyreview. com/news/533631/2015-could-be-the-year-of-the-hospital-hack/. [Accessed 5 March, 2015]. [3] Identity Theft Resource Center, “2014 Data Breach Stats,” [Online]. Available: http://www.idtheftcenter.org/ images/breach/ITRC_Breach_Stats_Report_2014.pdf. [Acessed 5 March, 2015]. [4] Identity Theft Resource Center, “2014 Data Breach Category Summary,” [Online]. Available: http://www. idtheftcenter.org/images/breach/ITRCBreachStatsReportSummary2014.pdf. [Acessed 5 March, 2015]. [5] Rob Waugh, “Healthcare data worth ten times price of credit card data,” [Online]. Available: http://www. welivesecurity.com/2014/09/25/healthcare-security/. [Acessed 5 March, 2015]. [6] Kris Van Cleave, “Anthem highlights desireability of stolen health records,” [Online]. Available: http://www. cbsnews.com/news/do-hackers-have-your-health-records/. [Acessed 5 March, 2015]. [7] Caroline Humer, “Your medical record is worth more to hackers than your credit card,” [Online]. Available: http:// www.reuters.com/article/2014/09/24/us-cybersecurity-hospitals-idUSKCN0HJ21I20140924. [Acessed 5 March, 2015]. [8] Tom Murphy, “Health records are easy targets for hackers,” [Online]. Available: http://www.dispatch.com/ content/stories/business/2015/02/15/health-care-records-are-easy-targets-for-hackers.html?utm_ content=12155422&utm_medium=social&utm_source=linkedin. [Acessed 5 March, 2015].
REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 12 [9] NEI, “Cyber Security for Nuclear Power Plants,” [Online]. Available: http://www.nei.org/Master-Document- Folder/Backgrounders/Policy-Briefs/Cyber-Security-Strictly-Regulated-by-NRC;-No-Addit. [Acessed 5 March, 2015]. [10] Ponemon Institute, “2012 Cost of Cyber Crime Study,” [Online]. Available: http://www.ponemon.org/local/ upload/file/2012_US_Cost_of_Cyber_Crime_Study_FINAL6%20.pdf. [Acessed 5 March, 2015]. [11] ABI Research, “Healthcare Cybersecurity a Massive Concern as Spending Set to Reach Only US $10 Billion by 2020,” [Online]. Available: https://www.abiresearch.com/press/healthcare-cybersecurity-a-massive-concern- as-spen/. [Acessed 5 March, 2015]. [12] Cybersecurity Ventures, “Cybersecurity Market Report,” [Online]. Available: http://cybersecurityventures. com/cybersecurity-market-report-q2-2015/. [Acessed 5 March, 2015]. [13] Ponemon Institute, “Fourth Annual Benchmark Study on Patient Privacy & Data Security,” [Online]. Available: https://www.privacyrights.org/sites/privacyrights.org/files/ID%20Experts%204th%20Annual%20 Patient%20Privacy%20&%20Data%20Security%20Report%20FINAL.pdf. [Acessed 5 March, 2015]. [14] Herb Weisbaum, “Heath care system’s $5.6 billion security problem,” [Online]. Available: http://www.cnbc. com/id/101488137. [Acessed 5 March, 2015]. [15] John Comstock, “Report: Most physicians use BYOD smartphones, but lack support from hospital IT,” [Online]. Available: http://mobihealthnews.com/39718/report-most-physicians-use-byod-smartphones-but- lack-support-from-hospital-it/. [Acessed 5 March, 2015]. [16] FierceMobileIT, “Study: Hospital IT Paying LIP Service to Address Physician Mobile Requirments, Says Spyglass Consulting Group,” [Online]. Available: http://www.fiercemobileit.com/press-releases/study-hospital-it- paying-lip-service-address-physician-mobile-requirements. [Acessed 5 March, 2015].
REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 13 http://www.opswat.com Disclaimer. © 2015. OPSWAT, Inc. (“OPSWAT”). All rights reserved. All product and company names herein may be trademarks of their respective owners. The information and content in this document is provided for informational purposes only and is provided “as is” with no warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-infringement. OPSWAT is not liable for any damages, including any consequential damages, of any kind that may result from the use of this document. Though reasonable effort has been made to ensure the accuracy of the data provided, OPSWAT makes no claim, promise or guarantee about the completeness, accuracy and adequacy of information and is not responsible for misprints, out-of-date information, or errors. OPSWAT makes no warranty, express or implied, and assumes no legal liability or responsibility for the accuracy or completeness of any information contained in this document. If you believe there are any factual errors in this document, please contact us and we will review your concerns as soon as practical.

Recommended

Digital Health Data
Digital Health DataDigital Health Data
Digital Health DataShahidul Islam Khan Nayeem
 
wp-analyzing-breaches-by-industry
wp-analyzing-breaches-by-industrywp-analyzing-breaches-by-industry
wp-analyzing-breaches-by-industryNumaan Huq
 
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Hybrid Cloud
 
Data Breach: It Can Happen To You
Data Breach: It Can Happen To YouData Breach: It Can Happen To You
Data Breach: It Can Happen To You
Cooperative of American Physicians, Inc.
 
Cybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryCybercrime and the Healthcare Industry
Cybercrime and the Healthcare Industry
EMC
 
Cost of Data Breah in Healthcare_Quinlan, Courtney
Cost of Data Breah in Healthcare_Quinlan, CourtneyCost of Data Breah in Healthcare_Quinlan, Courtney
Cost of Data Breah in Healthcare_Quinlan, Courtneycourtneyquinlan
 
Accounting
AccountingAccounting
Accountingjerryrabin
 
BREACH REPORT 2013: Protected Health Information (PHI)
BREACH REPORT 2013: Protected Health Information (PHI)BREACH REPORT 2013: Protected Health Information (PHI)
BREACH REPORT 2013: Protected Health Information (PHI)
- Mark - Fullbright
 

Recommended

Digital Health Data
Digital Health DataDigital Health Data
Digital Health DataShahidul Islam Khan Nayeem
 
wp-analyzing-breaches-by-industry
wp-analyzing-breaches-by-industrywp-analyzing-breaches-by-industry
wp-analyzing-breaches-by-industryNumaan Huq
 
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Hybrid Cloud
 
Data Breach: It Can Happen To You
Data Breach: It Can Happen To YouData Breach: It Can Happen To You
Data Breach: It Can Happen To You
Cooperative of American Physicians, Inc.
 
Cybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryCybercrime and the Healthcare Industry
Cybercrime and the Healthcare Industry
EMC
 
Cost of Data Breah in Healthcare_Quinlan, Courtney
Cost of Data Breah in Healthcare_Quinlan, CourtneyCost of Data Breah in Healthcare_Quinlan, Courtney
Cost of Data Breah in Healthcare_Quinlan, Courtneycourtneyquinlan
 
Accounting
AccountingAccounting
Accountingjerryrabin
 
BREACH REPORT 2013: Protected Health Information (PHI)
BREACH REPORT 2013: Protected Health Information (PHI)BREACH REPORT 2013: Protected Health Information (PHI)
BREACH REPORT 2013: Protected Health Information (PHI)
- Mark - Fullbright
 
Cyber Review_April 2015
Cyber Review_April 2015Cyber Review_April 2015
Cyber Review_April 2015James Sheehan
 
D2015 Protected-Health-Information-Data-Breach-Report
D2015 Protected-Health-Information-Data-Breach-ReportD2015 Protected-Health-Information-Data-Breach-Report
D2015 Protected-Health-Information-Data-Breach-Report
The Internet of Things
 
AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...
AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...
AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...
ijsptm
 
AIS Article
AIS ArticleAIS Article
AIS ArticleShaun Greene
 
UW - IMT 552-JPMorgan Chase & Co. Risk Assessment
UW - IMT 552-JPMorgan Chase & Co. Risk AssessmentUW - IMT 552-JPMorgan Chase & Co. Risk Assessment
UW - IMT 552-JPMorgan Chase & Co. Risk AssessmentAkshay Ajgaonkar
 
Infographic: Symantec Healthcare IT Security Risk Management Study
Infographic: Symantec Healthcare IT Security Risk Management StudyInfographic: Symantec Healthcare IT Security Risk Management Study
Infographic: Symantec Healthcare IT Security Risk Management Study
CheapSSLsecurity
 
Security Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. FrameworkSecurity Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. FrameworkDivya Kothari
 
INFORMATION SECURITY STUDY REGARDING PII
INFORMATION SECURITY STUDY REGARDING PIIINFORMATION SECURITY STUDY REGARDING PII
INFORMATION SECURITY STUDY REGARDING PII
- Mark - Fullbright
 
ITRC Breach Report 2014
ITRC Breach Report 2014ITRC Breach Report 2014
ITRC Breach Report 2014
- Mark - Fullbright
 
Milliman Payor E Savings Report Final
Milliman Payor E Savings Report FinalMilliman Payor E Savings Report Final
Milliman Payor E Savings Report FinalMark Bergen
 
Fifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity TheftFifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity Theft
- Mark - Fullbright
 
George Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler SeminarGeorge Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler SeminarDon Grauel
 
My blogs on big data and cybersecurity in banks
My blogs on big data and cybersecurity in banksMy blogs on big data and cybersecurity in banks
My blogs on big data and cybersecurity in banks
Kishore Jethanandani, MBA, MA, MPhil,
 
Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected? Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected?
Mark Merrill
 
Risk management in Healthcare on Cloud
Risk management in Healthcare on CloudRisk management in Healthcare on Cloud
Risk management in Healthcare on Cloud
Sandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
IRJET- Comprehensive Study of E-Health Security in Cloud Computing
IRJET- Comprehensive Study of E-Health Security in Cloud ComputingIRJET- Comprehensive Study of E-Health Security in Cloud Computing
IRJET- Comprehensive Study of E-Health Security in Cloud Computing
IRJET Journal
 
Unstructured Data into EHR Systems: Challenges and Solutions
Unstructured Data into EHR Systems: Challenges and SolutionsUnstructured Data into EHR Systems: Challenges and Solutions
Unstructured Data into EHR Systems: Challenges and Solutions
DATAMARK
 
Security issues and framework of electronic medical record: A review
Security issues and framework of electronic medical record: A reviewSecurity issues and framework of electronic medical record: A review
Security issues and framework of electronic medical record: A review
journalBEEI
 
hex0316
hex0316hex0316
hex0316Shaun Greene
 
What Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafeWhat Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafe
MedSafe
 
Cybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryCybercrime and the Healthcare Industry
Cybercrime and the Healthcare Industry
EMC
 
Systems Thinking on a National Level, Part 2Drew David.docx
Systems Thinking on a National Level, Part 2Drew David.docxSystems Thinking on a National Level, Part 2Drew David.docx
Systems Thinking on a National Level, Part 2Drew David.docx
perryk1
 

More Related Content

What's hot

Cyber Review_April 2015
Cyber Review_April 2015Cyber Review_April 2015
Cyber Review_April 2015James Sheehan
 
D2015 Protected-Health-Information-Data-Breach-Report
D2015 Protected-Health-Information-Data-Breach-ReportD2015 Protected-Health-Information-Data-Breach-Report
D2015 Protected-Health-Information-Data-Breach-Report
The Internet of Things
 
AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...
AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...
AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...
ijsptm
 
UW - IMT 552-JPMorgan Chase & Co. Risk Assessment
UW - IMT 552-JPMorgan Chase & Co. Risk AssessmentUW - IMT 552-JPMorgan Chase & Co. Risk Assessment
UW - IMT 552-JPMorgan Chase & Co. Risk AssessmentAkshay Ajgaonkar
 
Infographic: Symantec Healthcare IT Security Risk Management Study
Infographic: Symantec Healthcare IT Security Risk Management StudyInfographic: Symantec Healthcare IT Security Risk Management Study
Infographic: Symantec Healthcare IT Security Risk Management Study
CheapSSLsecurity
 
Security Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. FrameworkSecurity Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. FrameworkDivya Kothari
 
INFORMATION SECURITY STUDY REGARDING PII
INFORMATION SECURITY STUDY REGARDING PIIINFORMATION SECURITY STUDY REGARDING PII
INFORMATION SECURITY STUDY REGARDING PII
- Mark - Fullbright
 
ITRC Breach Report 2014
ITRC Breach Report 2014ITRC Breach Report 2014
ITRC Breach Report 2014
- Mark - Fullbright
 
Milliman Payor E Savings Report Final
Milliman Payor E Savings Report FinalMilliman Payor E Savings Report Final
Milliman Payor E Savings Report FinalMark Bergen
 
Fifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity TheftFifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity Theft
- Mark - Fullbright
 
George Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler SeminarGeorge Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler SeminarDon Grauel
 
My blogs on big data and cybersecurity in banks
My blogs on big data and cybersecurity in banksMy blogs on big data and cybersecurity in banks
My blogs on big data and cybersecurity in banks
Kishore Jethanandani, MBA, MA, MPhil,
 
Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected? Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected?
Mark Merrill
 
Risk management in Healthcare on Cloud
Risk management in Healthcare on CloudRisk management in Healthcare on Cloud
Risk management in Healthcare on Cloud
Sandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
IRJET- Comprehensive Study of E-Health Security in Cloud Computing
IRJET- Comprehensive Study of E-Health Security in Cloud ComputingIRJET- Comprehensive Study of E-Health Security in Cloud Computing
IRJET- Comprehensive Study of E-Health Security in Cloud Computing
IRJET Journal
 
Unstructured Data into EHR Systems: Challenges and Solutions
Unstructured Data into EHR Systems: Challenges and SolutionsUnstructured Data into EHR Systems: Challenges and Solutions
Unstructured Data into EHR Systems: Challenges and Solutions
DATAMARK
 
Security issues and framework of electronic medical record: A review
Security issues and framework of electronic medical record: A reviewSecurity issues and framework of electronic medical record: A review
Security issues and framework of electronic medical record: A review
journalBEEI
 
What Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafeWhat Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafe
MedSafe
 

What's hot (20)

Cyber Review_April 2015
Cyber Review_April 2015Cyber Review_April 2015
Cyber Review_April 2015
 
D2015 Protected-Health-Information-Data-Breach-Report
D2015 Protected-Health-Information-Data-Breach-ReportD2015 Protected-Health-Information-Data-Breach-Report
D2015 Protected-Health-Information-Data-Breach-Report
 
AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...
AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...
AVAILABILITY, ACCESSIBILITY, PRIVACY AND SAFETY ISSUES FACING ELECTRONIC MEDI...
 
AIS Article
AIS ArticleAIS Article
AIS Article
 
UW - IMT 552-JPMorgan Chase & Co. Risk Assessment
UW - IMT 552-JPMorgan Chase & Co. Risk AssessmentUW - IMT 552-JPMorgan Chase & Co. Risk Assessment
UW - IMT 552-JPMorgan Chase & Co. Risk Assessment
 
Infographic: Symantec Healthcare IT Security Risk Management Study
Infographic: Symantec Healthcare IT Security Risk Management StudyInfographic: Symantec Healthcare IT Security Risk Management Study
Infographic: Symantec Healthcare IT Security Risk Management Study
 
Security Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. FrameworkSecurity Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. Framework
 
INFORMATION SECURITY STUDY REGARDING PII
INFORMATION SECURITY STUDY REGARDING PIIINFORMATION SECURITY STUDY REGARDING PII
INFORMATION SECURITY STUDY REGARDING PII
 
ITRC Breach Report 2014
ITRC Breach Report 2014ITRC Breach Report 2014
ITRC Breach Report 2014
 
Milliman Payor E Savings Report Final
Milliman Payor E Savings Report FinalMilliman Payor E Savings Report Final
Milliman Payor E Savings Report Final
 
Fifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity TheftFifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity Theft
 
George Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler SeminarGeorge Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler Seminar
 
My blogs on big data and cybersecurity in banks
My blogs on big data and cybersecurity in banksMy blogs on big data and cybersecurity in banks
My blogs on big data and cybersecurity in banks
 
Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected? Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected?
 
Risk management in Healthcare on Cloud
Risk management in Healthcare on CloudRisk management in Healthcare on Cloud
Risk management in Healthcare on Cloud
 
IRJET- Comprehensive Study of E-Health Security in Cloud Computing
IRJET- Comprehensive Study of E-Health Security in Cloud ComputingIRJET- Comprehensive Study of E-Health Security in Cloud Computing
IRJET- Comprehensive Study of E-Health Security in Cloud Computing
 
Unstructured Data into EHR Systems: Challenges and Solutions
Unstructured Data into EHR Systems: Challenges and SolutionsUnstructured Data into EHR Systems: Challenges and Solutions
Unstructured Data into EHR Systems: Challenges and Solutions
 
Security issues and framework of electronic medical record: A review
Security issues and framework of electronic medical record: A reviewSecurity issues and framework of electronic medical record: A review
Security issues and framework of electronic medical record: A review
 
hex0316
hex0316hex0316
hex0316
 
What Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafeWhat Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafe
 

Similar to Reasons for the Popularity of Medical Record Theft

Cybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryCybercrime and the Healthcare Industry
Cybercrime and the Healthcare Industry
EMC
 
Systems Thinking on a National Level, Part 2Drew David.docx
Systems Thinking on a National Level, Part 2Drew David.docxSystems Thinking on a National Level, Part 2Drew David.docx
Systems Thinking on a National Level, Part 2Drew David.docx
perryk1
 
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
U.S. News Healthcare of Tomorrow
 
Redspin PHI Breach Report 2012
Redspin PHI Breach Report 2012Redspin PHI Breach Report 2012
Redspin PHI Breach Report 2012Redspin, Inc.
 
Protected Harbor Data Breach Trend Report
Protected Harbor Data Breach Trend ReportProtected Harbor Data Breach Trend Report
Protected Harbor Data Breach Trend Report
Protected Harbor
 
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
mosmedicalreview
 
2014 Data Breach Industry Forecast
2014 Data Breach Industry Forecast2014 Data Breach Industry Forecast
2014 Data Breach Industry Forecast
- Mark - Fullbright
 
(Executive Summary)MedStar Health Inc, a leader in the healthc
(Executive Summary)MedStar Health Inc, a leader in the healthc(Executive Summary)MedStar Health Inc, a leader in the healthc
(Executive Summary)MedStar Health Inc, a leader in the healthc
SilvaGraf83
 
(Executive Summary)MedStar Health Inc, a leader in the healthc
(Executive Summary)MedStar Health Inc, a leader in the healthc(Executive Summary)MedStar Health Inc, a leader in the healthc
(Executive Summary)MedStar Health Inc, a leader in the healthc
MoseStaton39
 
Big data and cyber security legal risks and challenges
Big data and cyber security legal risks and challengesBig data and cyber security legal risks and challenges
Big data and cyber security legal risks and challenges
Kapil Mehrotra
 
Running head Information security threats 1Information secur.docx
Running head Information security threats 1Information secur.docxRunning head Information security threats 1Information secur.docx
Running head Information security threats 1Information secur.docx
wlynn1
 
Data Breach Insurance - Optometric Protector Plan
Data Breach Insurance - Optometric Protector PlanData Breach Insurance - Optometric Protector Plan
Data Breach Insurance - Optometric Protector Plan
sarahb171
 
How Vulnerable Is Your Industry to Cyber Crime?
How Vulnerable Is Your Industry to Cyber Crime?How Vulnerable Is Your Industry to Cyber Crime?
How Vulnerable Is Your Industry to Cyber Crime?
David Hunt
 
wp-follow-the-data
wp-follow-the-datawp-follow-the-data
wp-follow-the-dataNumaan Huq
 
MANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDS
MANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDSMANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDS
MANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDS
ijsptm
 
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docxPage 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
karlhennesey
 
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docxPage 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
honey690131
 
[Infographic] Healthcare Cyber Security: Threat Prognosis
[Infographic] Healthcare Cyber Security: Threat Prognosis[Infographic] Healthcare Cyber Security: Threat Prognosis
[Infographic] Healthcare Cyber Security: Threat Prognosis
FireEye, Inc.
 
Privacy and Security by Design
Privacy and Security by DesignPrivacy and Security by Design
Privacy and Security by Design
Unisys Corporation
 
HC-CA Infographic REV_05
HC-CA Infographic REV_05HC-CA Infographic REV_05
HC-CA Infographic REV_05Randy Richey
 

Similar to Reasons for the Popularity of Medical Record Theft (20)

Cybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryCybercrime and the Healthcare Industry
Cybercrime and the Healthcare Industry
 
Systems Thinking on a National Level, Part 2Drew David.docx
Systems Thinking on a National Level, Part 2Drew David.docxSystems Thinking on a National Level, Part 2Drew David.docx
Systems Thinking on a National Level, Part 2Drew David.docx
 
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
 
Redspin PHI Breach Report 2012
Redspin PHI Breach Report 2012Redspin PHI Breach Report 2012
Redspin PHI Breach Report 2012
 
Protected Harbor Data Breach Trend Report
Protected Harbor Data Breach Trend ReportProtected Harbor Data Breach Trend Report
Protected Harbor Data Breach Trend Report
 
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
 
2014 Data Breach Industry Forecast
2014 Data Breach Industry Forecast2014 Data Breach Industry Forecast
2014 Data Breach Industry Forecast
 
(Executive Summary)MedStar Health Inc, a leader in the healthc
(Executive Summary)MedStar Health Inc, a leader in the healthc(Executive Summary)MedStar Health Inc, a leader in the healthc
(Executive Summary)MedStar Health Inc, a leader in the healthc
 
(Executive Summary)MedStar Health Inc, a leader in the healthc
(Executive Summary)MedStar Health Inc, a leader in the healthc(Executive Summary)MedStar Health Inc, a leader in the healthc
(Executive Summary)MedStar Health Inc, a leader in the healthc
 
Big data and cyber security legal risks and challenges
Big data and cyber security legal risks and challengesBig data and cyber security legal risks and challenges
Big data and cyber security legal risks and challenges
 
Running head Information security threats 1Information secur.docx
Running head Information security threats 1Information secur.docxRunning head Information security threats 1Information secur.docx
Running head Information security threats 1Information secur.docx
 
Data Breach Insurance - Optometric Protector Plan
Data Breach Insurance - Optometric Protector PlanData Breach Insurance - Optometric Protector Plan
Data Breach Insurance - Optometric Protector Plan
 
How Vulnerable Is Your Industry to Cyber Crime?
How Vulnerable Is Your Industry to Cyber Crime?How Vulnerable Is Your Industry to Cyber Crime?
How Vulnerable Is Your Industry to Cyber Crime?
 
wp-follow-the-data
wp-follow-the-datawp-follow-the-data
wp-follow-the-data
 
MANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDS
MANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDSMANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDS
MANAGING THE INFORMATION SECURITY ISSUES OF ELECTRONIC MEDICAL RECORDS
 
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docxPage 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
 
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docxPage 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docx
 
[Infographic] Healthcare Cyber Security: Threat Prognosis
[Infographic] Healthcare Cyber Security: Threat Prognosis[Infographic] Healthcare Cyber Security: Threat Prognosis
[Infographic] Healthcare Cyber Security: Threat Prognosis
 
Privacy and Security by Design
Privacy and Security by DesignPrivacy and Security by Design
Privacy and Security by Design
 
HC-CA Infographic REV_05
HC-CA Infographic REV_05HC-CA Infographic REV_05
HC-CA Infographic REV_05
 

More from OPSWAT

Preventing Known and Unknown Threats
Preventing Known and Unknown ThreatsPreventing Known and Unknown Threats
Preventing Known and Unknown Threats
OPSWAT
 
How to Identify Potentially Unwanted Applications
How to Identify Potentially Unwanted ApplicationsHow to Identify Potentially Unwanted Applications
How to Identify Potentially Unwanted Applications
OPSWAT
 
Securing Nuclear Facilities
Securing Nuclear FacilitiesSecuring Nuclear Facilities
Securing Nuclear Facilities
OPSWAT
 
3 Cases for Quarantine Confirgurations
3 Cases for Quarantine Confirgurations3 Cases for Quarantine Confirgurations
3 Cases for Quarantine Confirgurations
OPSWAT
 
Protecting the Oil and Gas Industry from Email Threats
Protecting the Oil and Gas Industry from Email ThreatsProtecting the Oil and Gas Industry from Email Threats
Protecting the Oil and Gas Industry from Email Threats
OPSWAT
 
Defense Innovation Summit
Defense Innovation SummitDefense Innovation Summit
Defense Innovation Summit
OPSWAT
 
Top 10 Facts About Data Breaches
Top 10 Facts About Data BreachesTop 10 Facts About Data Breaches
Top 10 Facts About Data Breaches
OPSWAT
 
Metascan Multi-Scanning Technology for Linux
Metascan Multi-Scanning Technology for LinuxMetascan Multi-Scanning Technology for Linux
Metascan Multi-Scanning Technology for Linux
OPSWAT
 
Secure Data Workflow
Secure Data WorkflowSecure Data Workflow
Secure Data Workflow
OPSWAT
 
Network Security for Employees
Network Security for Employees Network Security for Employees
Network Security for Employees
OPSWAT
 
Using Multiple Antivirus Engine Scanning to Protect Critical Infrastructure
Using Multiple Antivirus Engine Scanning to Protect Critical InfrastructureUsing Multiple Antivirus Engine Scanning to Protect Critical Infrastructure
Using Multiple Antivirus Engine Scanning to Protect Critical Infrastructure
OPSWAT
 
Malware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny CzarnyMalware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny Czarny
OPSWAT
 
Securing data flow to and from organizations
Securing data flow to and from organizationsSecuring data flow to and from organizations
Securing data flow to and from organizations
OPSWAT
 
Introduction to OESIS Framework
Introduction to OESIS FrameworkIntroduction to OESIS Framework
Introduction to OESIS Framework
OPSWAT
 
Introduction to Metascan Client
Introduction to Metascan ClientIntroduction to Metascan Client
Introduction to Metascan Client
OPSWAT
 
Metascan Multi-scanning Technology
Metascan Multi-scanning TechnologyMetascan Multi-scanning Technology
Metascan Multi-scanning Technology
OPSWAT
 
The Value of Multi-scanning
The Value of Multi-scanningThe Value of Multi-scanning
The Value of Multi-scanning
OPSWAT
 

More from OPSWAT (17)

Preventing Known and Unknown Threats
Preventing Known and Unknown ThreatsPreventing Known and Unknown Threats
Preventing Known and Unknown Threats
 
How to Identify Potentially Unwanted Applications
How to Identify Potentially Unwanted ApplicationsHow to Identify Potentially Unwanted Applications
How to Identify Potentially Unwanted Applications
 
Securing Nuclear Facilities
Securing Nuclear FacilitiesSecuring Nuclear Facilities
Securing Nuclear Facilities
 
3 Cases for Quarantine Confirgurations
3 Cases for Quarantine Confirgurations3 Cases for Quarantine Confirgurations
3 Cases for Quarantine Confirgurations
 
Protecting the Oil and Gas Industry from Email Threats
Protecting the Oil and Gas Industry from Email ThreatsProtecting the Oil and Gas Industry from Email Threats
Protecting the Oil and Gas Industry from Email Threats
 
Defense Innovation Summit
Defense Innovation SummitDefense Innovation Summit
Defense Innovation Summit
 
Top 10 Facts About Data Breaches
Top 10 Facts About Data BreachesTop 10 Facts About Data Breaches
Top 10 Facts About Data Breaches
 
Metascan Multi-Scanning Technology for Linux
Metascan Multi-Scanning Technology for LinuxMetascan Multi-Scanning Technology for Linux
Metascan Multi-Scanning Technology for Linux
 
Secure Data Workflow
Secure Data WorkflowSecure Data Workflow
Secure Data Workflow
 
Network Security for Employees
Network Security for Employees Network Security for Employees
Network Security for Employees
 
Using Multiple Antivirus Engine Scanning to Protect Critical Infrastructure
Using Multiple Antivirus Engine Scanning to Protect Critical InfrastructureUsing Multiple Antivirus Engine Scanning to Protect Critical Infrastructure
Using Multiple Antivirus Engine Scanning to Protect Critical Infrastructure
 
Malware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny CzarnyMalware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny Czarny
 
Securing data flow to and from organizations
Securing data flow to and from organizationsSecuring data flow to and from organizations
Securing data flow to and from organizations
 
Introduction to OESIS Framework
Introduction to OESIS FrameworkIntroduction to OESIS Framework
Introduction to OESIS Framework
 
Introduction to Metascan Client
Introduction to Metascan ClientIntroduction to Metascan Client
Introduction to Metascan Client
 
Metascan Multi-scanning Technology
Metascan Multi-scanning TechnologyMetascan Multi-scanning Technology
Metascan Multi-scanning Technology
 
The Value of Multi-scanning
The Value of Multi-scanningThe Value of Multi-scanning
The Value of Multi-scanning
 

Recently uploaded

Dimensions of Healthcare Quality
Dimensions of Healthcare QualityDimensions of Healthcare Quality
Dimensions of Healthcare Quality
Naeemshahzad51
 
Yemen National Tuberculosis Program .ppt
Yemen National Tuberculosis Program .pptYemen National Tuberculosis Program .ppt
Yemen National Tuberculosis Program .ppt
Esam43
 
Myopia Management & Control Strategies.pptx
Myopia Management & Control Strategies.pptxMyopia Management & Control Strategies.pptx
Myopia Management & Control Strategies.pptx
RitonDeb1
 
Demystifying-Gene-Editing-The-Promise-and-Peril-of-CRISPR.pdf
Demystifying-Gene-Editing-The-Promise-and-Peril-of-CRISPR.pdfDemystifying-Gene-Editing-The-Promise-and-Peril-of-CRISPR.pdf
Demystifying-Gene-Editing-The-Promise-and-Peril-of-CRISPR.pdf
SasikiranMarri
 
VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...
VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...
VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...
rajkumar669520
 
Nursing Care of Client With Acute And Chronic Renal Failure.ppt
Nursing Care of Client With Acute And Chronic Renal Failure.pptNursing Care of Client With Acute And Chronic Renal Failure.ppt
Nursing Care of Client With Acute And Chronic Renal Failure.ppt
Rommel Luis III Israel
 
Navigating Women's Health: Understanding Prenatal Care and Beyond
Navigating Women's Health: Understanding Prenatal Care and BeyondNavigating Women's Health: Understanding Prenatal Care and Beyond
Navigating Women's Health: Understanding Prenatal Care and Beyond
Aboud Health Group
 
The Importance of Community Nursing Care.pdf
The Importance of Community Nursing Care.pdfThe Importance of Community Nursing Care.pdf
The Importance of Community Nursing Care.pdf
AD Healthcare
 
BOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptx
BOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptxBOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptx
BOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptx
AnushriSrivastav
 
Global launch of the Healthy Ageing and Prevention Index 2nd wave – alongside...
Global launch of the Healthy Ageing and Prevention Index 2nd wave – alongside...Global launch of the Healthy Ageing and Prevention Index 2nd wave – alongside...
Global launch of the Healthy Ageing and Prevention Index 2nd wave – alongside...
ILC- UK
 
POLYCYSTIC OVARIAN SYNDROME (PCOS)......
POLYCYSTIC OVARIAN SYNDROME (PCOS)......POLYCYSTIC OVARIAN SYNDROME (PCOS)......
POLYCYSTIC OVARIAN SYNDROME (PCOS)......
Ameena Kadar
 
A Community health , health for prisoners
A Community health , health for prisonersA Community health , health for prisoners
A Community health , health for prisoners
Ahmed Elmi
 
Empowering ACOs: Leveraging Quality Management Tools for MIPS and Beyond
Empowering ACOs: Leveraging Quality Management Tools for MIPS and BeyondEmpowering ACOs: Leveraging Quality Management Tools for MIPS and Beyond
Empowering ACOs: Leveraging Quality Management Tools for MIPS and Beyond
Health Catalyst
 
How many patients does case series should have In comparison to case reports.pdf
How many patients does case series should have In comparison to case reports.pdfHow many patients does case series should have In comparison to case reports.pdf
How many patients does case series should have In comparison to case reports.pdf
pubrica101
 
Neuro Saphirex Cranial Brochure
Neuro Saphirex Cranial BrochureNeuro Saphirex Cranial Brochure
Neuro Saphirex Cranial Brochure
RXOOM Healthcare Pvt. Ltd. ​
 
CONSTRUCTION OF TEST IN MANAGEMENT .docx
CONSTRUCTION OF TEST IN MANAGEMENT .docxCONSTRUCTION OF TEST IN MANAGEMENT .docx
CONSTRUCTION OF TEST IN MANAGEMENT .docx
PGIMS Rohtak
 
Essential Metrics for Palliative Care Management
Essential Metrics for Palliative Care ManagementEssential Metrics for Palliative Care Management
Essential Metrics for Palliative Care Management
Care Coordinations
 
.Metabolic.disordersYYSSSFFSSSSSSSSSSDDD
.Metabolic.disordersYYSSSFFSSSSSSSSSSDDD.Metabolic.disordersYYSSSFFSSSSSSSSSSDDD
.Metabolic.disordersYYSSSFFSSSSSSSSSSDDD
samahesh1
 
the IUA Administrative Board and General Assembly meeting
the IUA Administrative Board and General Assembly meetingthe IUA Administrative Board and General Assembly meeting
the IUA Administrative Board and General Assembly meeting
ssuser787e5c1
 
Roti bank chennai PPT [Autosaved].pptx1
Roti bank chennai PPT [Autosaved].pptx1Roti bank chennai PPT [Autosaved].pptx1
Roti bank chennai PPT [Autosaved].pptx1
roti bank
 

Recently uploaded (20)

Dimensions of Healthcare Quality
Dimensions of Healthcare QualityDimensions of Healthcare Quality
Dimensions of Healthcare Quality
 
Yemen National Tuberculosis Program .ppt
Yemen National Tuberculosis Program .pptYemen National Tuberculosis Program .ppt
Yemen National Tuberculosis Program .ppt
 
Myopia Management & Control Strategies.pptx
Myopia Management & Control Strategies.pptxMyopia Management & Control Strategies.pptx
Myopia Management & Control Strategies.pptx
 
Demystifying-Gene-Editing-The-Promise-and-Peril-of-CRISPR.pdf
Demystifying-Gene-Editing-The-Promise-and-Peril-of-CRISPR.pdfDemystifying-Gene-Editing-The-Promise-and-Peril-of-CRISPR.pdf
Demystifying-Gene-Editing-The-Promise-and-Peril-of-CRISPR.pdf
 
VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...
VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...
VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...
 
Nursing Care of Client With Acute And Chronic Renal Failure.ppt
Nursing Care of Client With Acute And Chronic Renal Failure.pptNursing Care of Client With Acute And Chronic Renal Failure.ppt
Nursing Care of Client With Acute And Chronic Renal Failure.ppt
 
Navigating Women's Health: Understanding Prenatal Care and Beyond
Navigating Women's Health: Understanding Prenatal Care and BeyondNavigating Women's Health: Understanding Prenatal Care and Beyond
Navigating Women's Health: Understanding Prenatal Care and Beyond
 
The Importance of Community Nursing Care.pdf
The Importance of Community Nursing Care.pdfThe Importance of Community Nursing Care.pdf
The Importance of Community Nursing Care.pdf
 
BOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptx
BOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptxBOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptx
BOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptx
 
Global launch of the Healthy Ageing and Prevention Index 2nd wave – alongside...
Global launch of the Healthy Ageing and Prevention Index 2nd wave – alongside...Global launch of the Healthy Ageing and Prevention Index 2nd wave – alongside...
Global launch of the Healthy Ageing and Prevention Index 2nd wave – alongside...
 
POLYCYSTIC OVARIAN SYNDROME (PCOS)......
POLYCYSTIC OVARIAN SYNDROME (PCOS)......POLYCYSTIC OVARIAN SYNDROME (PCOS)......
POLYCYSTIC OVARIAN SYNDROME (PCOS)......
 
A Community health , health for prisoners
A Community health , health for prisonersA Community health , health for prisoners
A Community health , health for prisoners
 
Empowering ACOs: Leveraging Quality Management Tools for MIPS and Beyond
Empowering ACOs: Leveraging Quality Management Tools for MIPS and BeyondEmpowering ACOs: Leveraging Quality Management Tools for MIPS and Beyond
Empowering ACOs: Leveraging Quality Management Tools for MIPS and Beyond
 
How many patients does case series should have In comparison to case reports.pdf
How many patients does case series should have In comparison to case reports.pdfHow many patients does case series should have In comparison to case reports.pdf
How many patients does case series should have In comparison to case reports.pdf
 
Neuro Saphirex Cranial Brochure
Neuro Saphirex Cranial BrochureNeuro Saphirex Cranial Brochure
Neuro Saphirex Cranial Brochure
 
CONSTRUCTION OF TEST IN MANAGEMENT .docx
CONSTRUCTION OF TEST IN MANAGEMENT .docxCONSTRUCTION OF TEST IN MANAGEMENT .docx
CONSTRUCTION OF TEST IN MANAGEMENT .docx
 
Essential Metrics for Palliative Care Management
Essential Metrics for Palliative Care ManagementEssential Metrics for Palliative Care Management
Essential Metrics for Palliative Care Management
 
.Metabolic.disordersYYSSSFFSSSSSSSSSSDDD
.Metabolic.disordersYYSSSFFSSSSSSSSSSDDD.Metabolic.disordersYYSSSFFSSSSSSSSSSDDD
.Metabolic.disordersYYSSSFFSSSSSSSSSSDDD
 
the IUA Administrative Board and General Assembly meeting
the IUA Administrative Board and General Assembly meetingthe IUA Administrative Board and General Assembly meeting
the IUA Administrative Board and General Assembly meeting
 
Roti bank chennai PPT [Autosaved].pptx1
Roti bank chennai PPT [Autosaved].pptx1Roti bank chennai PPT [Autosaved].pptx1
Roti bank chennai PPT [Autosaved].pptx1
 

Reasons for the Popularity of Medical Record Theft

  • 1. REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 1 PROTECTING MEDICAL RECORD DATA REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT
  • 2. REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 1 Introduction After a slew of data breaches in 2014, the FBI warned the healthcare industry that cyber-criminals would be direct- ing more attention their way in 2015 [1]. The healthcare industry, valued at $3 trillion, has become an increasingly valuable target for cyber thieves, and in some cases, a much easier target to attack, due to their often less than adequate investment in cyber security. What is it about the healthcare industry that has captured the cyber crimi- nals’ interest in the last few years [2]? Overview of Data Breaches in 2014 At the end of each year, the Identity Theft Resource Center (ITRC) produces a comprehensive data breach report, which shows the total number of data breaches and records stolen for each industry represented [3]. The data is taken from credible sources, including the Attorney General’s website and includes data breaches that occurred in the year of the report or breaches that were made public in the year of the report. 2014 was a big year for data breaches in general; according to the ITRC, there were a total of 761 breaches in 2014, amounting in 83,176,279 exposed records. The following industries were included in the report: • Credit/Financial • Business • Education • Government/Military • Healthcare
  • 3. REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 2 Of the industries represented, the healthcare industry had the highest number of total breaches in 2014: 322 out of a total of 761 breaches. Of this total, the healthcare industry accounts for 42.3% of total breaches, followed by business (32.7%), government/military (11.8%), education (7.6%), and finally the credit/financial industry (5.5%). In terms of the total amount of records stolen or compromised by breaches in 2014, the business sector had the highest at 65,896,115, followed by the healthcare industry at 8,255,247 records [4]. It might be surprising to some that the banking industry only had 1,185,492 records stolen compared to the healthcare industry, especially when you think about how frequently credit card fraud makes the news. It’s not often that you hear about someone who had their medical record stolen. Unfortunately, stolen medical record data is not usually reported in a timely manner; it can often take years before someone discovers that the data has been compromised. Unlike stolen medical records, stolen credit card information is usually reported rather quickly, due to banks’ monitoring for suspicious account activity.
  • 4. REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 3 Comparing Medical Records to Credit Card Data In order to understand why the healthcare industry is such a big target for cyber-criminals, you have to understand the value of a stolen medical record. Personal banking information is still valuable to the average cyber thief, but it doesn’t have nearly as high of a payout as that of a medical record. Reuters placed a value on stolen medical information that is 10 times more than that of credit card data [5]. According to data collected from monitoring exchanges on the black market, the director of threat intelligence at PhishLabs estimates the value of stolen medical information to be around $10 per record, and that is on the low end of black market prices (see reference 7 below). Some sources claim that they can be sold for as much as $60 to $70 per record. In the ITRC report mentioned above, of 322 reported breaches for the healthcare industry, 289 breaches resulted in confirmed quantities for the number of records stolen. The average amount of records stolen per known breach was around 28,564. If each medical record is assumed to be worth a minimum of $10, then the average payout for cyber-criminals from each breach would be at least $285,640, and that is considered to be a conservative estimate. If a record were assumed to be worth around $60-$70, then the average payout would be over $1.7 million per breach [6]. Credit card data, on the other hand is worth around $1 per record, so cyber-criminals would have to steal at least 10 times as many banking records to realize similar profits. Medical records sell at a high price because they contain personal data such as names, addresses, social security numbers, birth dates, billing information, among other information. This information is used by cyber-criminals to create fake IDs that can be used to buy medical equipment or drugs that can be resold later, or to file false insurance claims using patient data [7].
  • 5. REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 4 Industry Spending on Cyber Security Hospitals are often easier targets for cyber-crime because they lack the proper cyber security defenses [8]. Healthcare spending for cyber security is known to be low, compared to other regulated industries. Nuclear facilities, for example, are well protected as they have numerous safeguards in place to prevent the infiltration of outside threats [9]. In a 2012 report released by the Ponemon Institute, the healthcare industry listed a lack of funds as one of the main obstacles preventing them from taking the proper steps toward better data security practices [10]. ABI Research recently reported estimates that worldwide healthcare spending on cyber security will be around $10 billion by 2020 [11]. This may seem like a hefty sum, but it only amounts to about 10% of the amount spent on cyber security by the critical infrastructure industry. By comparison, the financial industry is expected to spend $9.5 billion in 2015 alone [12]. We know how much cyber-criminals stand to gain from a healthcare industry data breach, but how much do these data breaches cost the companies who are affected? According to another report released by Ponemon in 2014, the average cost of a data breach for a company in the healthcare industry was around $2 million over a two-year period [13]. When looking at potential damages of this magnitude, the case for investing in additional cyber security defenses becomes clearer. Healthcare spending on cyber security will be around $10 billion by 2020
  • 6. REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 5 The Problem with BYOD One of the biggest concerns facing the healthcare industry is the increased adoption of BYOD by medical professionals. Physicians adopting BYOD and using personal laptops, smartphones and tablets is problematic because they may not be properly secured/in full compliance with HIPAA. According to a recent report, 88% of healthcare organizations said they permitted employees and other medical staff to use personal devices for work purposes [14]. More than half of those same organizations claimed they did not have visibility to the security status of those BYOD devices. If organizations are not certain of the security of a device, they how can they effectively protect any patient data contained therein? Although many healthcare organizations allow medical staff to use personal devices for work purposes, their IT departments do not adequately support that use [15]. There seems to be some sort of disconnect between the Electronic Medical Record (EMR) tools that are chosen by the IT department and the willingness of medical professionals to use those tools. Oftentimes, the medical staff decides against using new tools such as secure HEALTHCARE INDUSTRY ADOPTION OF BYOD 12% Organizations not permitting BYOD among 88% Organizations permitting BYOD among
  • 7. REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 6 messaging and desktop virtualization because they find the technology to be too time-consuming to use. In a study recently released by Spyglass Consulting, 70% of physicians interviewed claimed that their IT department wasn’t making adequate progress towards supporting mobile computing and communication requirements [16]. This statistic was alarming because 96% of those same physicians claimed to be using their personal smartphone for clinical communication purposes. Inefficient support of physician’s mobile devices results in communication issues, which in turn leads to higher costs created by communication delays. In July of 2014, the Ponemon Institute found that the average annual cost for hospitals due to communication workflow issues was $1.75 million. The healthcare industry clearly needs to find a way to integrate BYOD trends without compromising the security of devices. IT SUPPORT OF MOBILE COMPUTING & COMMUNICATION REQUIREMENTS 30% Physicians with adequate IT support 70% Physicians without adequate IT support
  • 8. REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 7 Solutions for Preventing Future Breaches With healthcare industry data breaches predicted to increase in 2015, organizations must take the proper precautions to avoid hefty fines resulting from HIPAA violations. Multi-scanning Technology As a requirement for HIPAA, installing an antivirus product is an important layer of protection. Metascan® multi- scanning technology leverages the power of over 40 antivirus engines to scan data as it enters an organization or is transmitted internally. By choosing multi-scanning, organizations reduce the risk that that malware will enter their network; what one antivirus engine doesn’t detect another often will. Metascan also provides document sanitization capabilities that allows users to prevent infections by advanced threats and/or zero-day attacks by converting potentially dangerous file types to remove embedded malware. To learn more about Metascan, please visit https:// www.opswat.com/products/metascan/explore. Protection of Endpoints If devices connecting to a hospital’s internal network cannot be confirmed as secure, then how can organization expect to avoid a possible data breach? Proper host checking and monitoring of endpoint security status is imperative as more physicians adopt BYOD practices. Traditionally this has been possible but not simple for managed devices, where IT has extensive visibility and control over each device touching the network. Non-IT managed assets, ranging from employee-owned PCs to Mac laptops and even Linux devices, provide significantly
  • 9. REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 8 less visibility to IT departments. These devices may be running low-quality antivirus products, if any at all. Additionally they may or may not have full disk encryption in place, be running an unpatched operating system, or even be actively infected with malware or keyloggers. This endpoint visibility challenge is unique and difficult to address while still maintaining the spirit of BYOD policies. Some MDM (Mobile Device Management) products have addressed this using techniques like containerization and app-wrapping, but the issue is largely unaddressed for desktops and laptops. Gears is an endpoint compliance and monitoring tool that can be used to report the security status of a device. Gears is ideal for improving BYOD security, as it allows IT administrators to block or allow devices based on whether they meet certain criteria, such as having an antivirus or full disk encryption product installed. The application also reduces IT support costs as end users can self-remediate connection issues for industry-leading NAC and SSL-VPN solutions. To learn more about Gears, please visit https://www.opswat.com/products/gears. Improved Email Security A phishing attack is believed to be the cause of the recent Anthem breach, where stolen employee credentials were used to gain access to a secure network. In order to avoid this type of attack, the healthcare industry must invest in the proper email security software. Policy Patrol Security for Exchange provides the necessary tools for blocking spam and phishing emails and has a strict policy for preventing harmful content from being sent to or from an organization. Additionally, Policy Patrol can search email attachments for keywords and regular expressions, making sure no confidential content such as
  • 10. REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 9 credit card data or social security numbers are sent via unsecured email. This is ideal for ensuring that patient data is not exposed via email. To learn more about Policy Patrol, please visit https://www.opswat.com/products/policy- patrol. Summary Industry-wide spending on cyber security remains low, despite the fact that healthcare is the largest target for cyber-criminals. If organizations in the healthcare sector want to reduce their risk of cyber-attack, they are going to have to re-evaluate their views on security. Too often, investment in cyber security occurs after a breach has already taken place and patient data has already been compromised. If organizations find the right security tools they can protect patient data while addressing organization-wide communication issues, saving the valuable time of medical staff and avoiding the potential loss of millions in data-breach recovery costs. About OPSWAT OPSWAT is a San Francisco based software company that provides solutions to secure and manage IT infrastructure. Founded in 2002, OPSWAT delivers solutions that provide manageability of endpoints and networks, and that help organizations protect against zero-day attacks by using multiple anti-malware engine scanning, data santization, and file filtering. OPSWAT’s intuitive applications and comprehensive development kits are deployed by SMB, enterprise, and OEM customers to more than 100 million endpoints worldwide.
  • 11. REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 10 OPSWAT’s software management solutions offer streamlined technology partnerships between leading technology solutions and software vendors. By enabling seamless compatibility and easy management capabilities, we allow network security and manageability solutions to provide visibility and management of multiple application types installed on an endpoint, as well as the ability to remove unwanted or non-compliant applications. Our innovative multi-scanning solutions deliver anti-malware protection with increased detection rates and minimized performance overhead. In addition to maximizing detection rates, we provide the ability for customers to easily adapt our solutions to their existing infrastructure to add control over the flow of data into and out of secure networks.
  • 12. REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 11 References [1] Jim Finkle, “Exclusive: FBI warns healthcare sector vulnerable to cyber attacks,” [Online]. Available: http://www. reuters.com/article/2014/04/23/us-cybersecurity-healthcare-fbi-exclusiv-idUSBREA3M1Q920140423. [Accessed 5 March, 2015]. [2] Mike Orcutt, “2015 Could Be the Year of the Hospital Hack,” [Online]. Available: http://www.technologyreview. com/news/533631/2015-could-be-the-year-of-the-hospital-hack/. [Accessed 5 March, 2015]. [3] Identity Theft Resource Center, “2014 Data Breach Stats,” [Online]. Available: http://www.idtheftcenter.org/ images/breach/ITRC_Breach_Stats_Report_2014.pdf. [Acessed 5 March, 2015]. [4] Identity Theft Resource Center, “2014 Data Breach Category Summary,” [Online]. Available: http://www. idtheftcenter.org/images/breach/ITRCBreachStatsReportSummary2014.pdf. [Acessed 5 March, 2015]. [5] Rob Waugh, “Healthcare data worth ten times price of credit card data,” [Online]. Available: http://www. welivesecurity.com/2014/09/25/healthcare-security/. [Acessed 5 March, 2015]. [6] Kris Van Cleave, “Anthem highlights desireability of stolen health records,” [Online]. Available: http://www. cbsnews.com/news/do-hackers-have-your-health-records/. [Acessed 5 March, 2015]. [7] Caroline Humer, “Your medical record is worth more to hackers than your credit card,” [Online]. Available: http:// www.reuters.com/article/2014/09/24/us-cybersecurity-hospitals-idUSKCN0HJ21I20140924. [Acessed 5 March, 2015]. [8] Tom Murphy, “Health records are easy targets for hackers,” [Online]. Available: http://www.dispatch.com/ content/stories/business/2015/02/15/health-care-records-are-easy-targets-for-hackers.html?utm_ content=12155422&utm_medium=social&utm_source=linkedin. [Acessed 5 March, 2015].
  • 13. REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 12 [9] NEI, “Cyber Security for Nuclear Power Plants,” [Online]. Available: http://www.nei.org/Master-Document- Folder/Backgrounders/Policy-Briefs/Cyber-Security-Strictly-Regulated-by-NRC;-No-Addit. [Acessed 5 March, 2015]. [10] Ponemon Institute, “2012 Cost of Cyber Crime Study,” [Online]. Available: http://www.ponemon.org/local/ upload/file/2012_US_Cost_of_Cyber_Crime_Study_FINAL6%20.pdf. [Acessed 5 March, 2015]. [11] ABI Research, “Healthcare Cybersecurity a Massive Concern as Spending Set to Reach Only US $10 Billion by 2020,” [Online]. Available: https://www.abiresearch.com/press/healthcare-cybersecurity-a-massive-concern- as-spen/. [Acessed 5 March, 2015]. [12] Cybersecurity Ventures, “Cybersecurity Market Report,” [Online]. Available: http://cybersecurityventures. com/cybersecurity-market-report-q2-2015/. [Acessed 5 March, 2015]. [13] Ponemon Institute, “Fourth Annual Benchmark Study on Patient Privacy & Data Security,” [Online]. Available: https://www.privacyrights.org/sites/privacyrights.org/files/ID%20Experts%204th%20Annual%20 Patient%20Privacy%20&%20Data%20Security%20Report%20FINAL.pdf. [Acessed 5 March, 2015]. [14] Herb Weisbaum, “Heath care system’s $5.6 billion security problem,” [Online]. Available: http://www.cnbc. com/id/101488137. [Acessed 5 March, 2015]. [15] John Comstock, “Report: Most physicians use BYOD smartphones, but lack support from hospital IT,” [Online]. Available: http://mobihealthnews.com/39718/report-most-physicians-use-byod-smartphones-but- lack-support-from-hospital-it/. [Acessed 5 March, 2015]. [16] FierceMobileIT, “Study: Hospital IT Paying LIP Service to Address Physician Mobile Requirments, Says Spyglass Consulting Group,” [Online]. Available: http://www.fiercemobileit.com/press-releases/study-hospital-it- paying-lip-service-address-physician-mobile-requirements. [Acessed 5 March, 2015].
  • 14. REASONS FOR THE POPULARITY OF MEDICAL RECORD THEFT | PAGE 13 http://www.opswat.com Disclaimer. © 2015. OPSWAT, Inc. (“OPSWAT”). All rights reserved. All product and company names herein may be trademarks of their respective owners. The information and content in this document is provided for informational purposes only and is provided “as is” with no warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-infringement. OPSWAT is not liable for any damages, including any consequential damages, of any kind that may result from the use of this document. Though reasonable effort has been made to ensure the accuracy of the data provided, OPSWAT makes no claim, promise or guarantee about the completeness, accuracy and adequacy of information and is not responsible for misprints, out-of-date information, or errors. OPSWAT makes no warranty, express or implied, and assumes no legal liability or responsibility for the accuracy or completeness of any information contained in this document. If you believe there are any factual errors in this document, please contact us and we will review your concerns as soon as practical.