Verizon report: 9 out of 10 companies breached

By | Wednesday March 23rd, 2016

The 2015 edition of the Protected Health Information Data Breach Report, released by Verizon, is based on a database of protected health information (PHI) amounting to 392 million records and over 1,931 incidents detected in 25 countries.

What’s most alarming is that 90% of the companies involved in the survey suffered violations of personal health data. The numbers of external and internal attacks detected by Verizon are almost equal, with a difference of just 5 percent in favor of external ones. This highlights, the report explained, a high rate of illicit internal activity, where the theft of this health data was often carried out with malicious intent.

Those who attack these databases are not only after health information but, more generally, personally identifiable information (PII), such as credit card or social security numbers, because it is useful for committing financial or tax fraud. The latter type of violation generally arises from the theft of mobile devices (laptops, tablets, USB sticks), or from simple mistakes such as sending medical records to the wrong recipients or losing the device.

There is a need to invest more in data protection and e-privacy.


About Agostino Oliveri

Agostino Oliveri, Data Protection Officer – Privacy Consultant and Certified Auditor (Reg. No. DPO 1529, according to the standards UNI CEI EN ISO IEC 17024:2012 and 17065:2012 and regulated under Law 4/2013). We work mainly in the field of IT security, providing services and solutions for penetration testing and security baselines. We provide consultancy to achieve the adjustments required by law in the area of security of data processed by computer equipment: Law 196/2003 (the new Privacy Code, undergoing change), Law 231/2001 (protection from company computer crimes), adaptation of security bodies to DM 1.12.2010 no. 269, preparation of the feasibility study and business continuity plan in accordance with Article 50-bis of the Digital Administration Code, and support for all matters related to DL 33/2013 on Transparency and L. 190/2012 on Anticorruption. We offer consultancy for achieving quality certification according to ISO 9001 and security certification according to ISO 27001 for information and for cloud computing services in STAR mode. I think the significant experience gained with multinational companies has allowed us to achieve certified expertise in some very important areas and issues, and I think it can be a significant and important path to share. In light of the many regulatory changes that will have a very important impact on companies, I believe we need a prudent approach, with prior verification and certification of the existing solutions adopted, in order to avoid incurring heavy fines, in addition to guaranteeing the safety of corporate assets.
