The four common causes of data breaches includes the absence of policy, unencrypted dives, lack of security defenses and insider negligence [22]. Insider negligence of private information is one of the top reasons for a data breach. This includes an employee accident that leads to a data breach, and the use of a third-party that is negligent. For example, in 2009 an unencrypted laptop was stolen from the car of an Oregon Health & Science University employee which exposed the information of about 1,000 patients. This story and others shows the issue of insider negligence but also shines a light on the usage of encrypted information and device policy issues. The absence of policy and unencrypted devices are common …show more content…
In this instance employees use their own device for work procedures. And although many organizations may have a policy regarding securing personal devices, it is often not put into practice and thus increasing the vulnerability of the data. For example, a doctor could access personal health data on an unsecure network and send it to their personal email. The emailing private health information to an email is a HIPAA violation and using an unsecure network leaves your device open for intrusion. The last common cause of data breach is the lacy of security defense. Many hospitals are doing the best that they can but they lack the resources and personnel to obtain adequate defenses.
D. Federal Regulations
Are federal regulations encouraging the theft of protected health information? Security officers see issues with …show more content…
This includes making sure that all stakeholders are involved, get a full understanding of what the organization is obligated to do, understand and make note of how all protected health information is transmitted, disclosed, stored, received, and accessed, find vulnerabilities and address them, document the security practices and results, and perform periodic risk