Welcome to the Nexus of Ethics, Psychology, Morality, Philosophy and Health Care

Welcome to the nexus of ethics, psychology, morality, technology, health care, and philosophy

Thursday, January 26, 2012

Small medical practices greatly at risk for data breaches

They often lack sophisticated technology to deter thieves, making them bigger targets.

By PAMELA LEWIS DOLAN, amednews staff. Posted Jan. 16, 2012.

Data breach experts are issuing a warning to small practices -- don't be the vulnerable target that data thieves assume you are.

Kroll Fraud Solution's Top Cyber Security Trends for 2012 reported that small practices are more susceptible to security vulnerabilities because they are "the path of least resistance." Many rely on outdated technology. Basic security protections, such as proper use of encryption, often are overlooked as practices focus on meeting regulatory requirements, such as those related to meaningful use.

Small practices often lack the technical sophistication to know what tools to put in place to avoid attacks, said Jason Straight, managing director of Kroll's Cyber Security and Information Assurance unit. Or they have the right tools, but the tools are not implemented or monitored correctly, he said. One example is having incorrectly installed data encryption.

Large organizations have become more "hardened," meaning they spend more money to safeguard their data, said Beth Givens, founder and director of the Privacy Rights Clearinghouse, an education and advocacy group that has tracked publicly reported data-breach trends across all industries since 2005. "It only stands to reason [that data thieves] would go after small practices," she said.

The story can be found here.