Why is Healthcare Data So Valuable to Cyber Criminals?

Healthcare data is one of the most desirable forms of data for cyber criminals to steal because its value on the cyber black market — the Dark Web — is much higher than most other forms of data. While there are several reasons for this, the recent study Your Life, Repackaged and Resold: The Deep Web Exploitation of Health Sector Breach Victims, concluded Continue reading “Why is Healthcare Data So Valuable to Cyber Criminals?”

Does Data Security Have Your Healthcare Practice “On the Hook”?

hook-159682I recently had the pleasure of presenting in a webinar series titled Is Your Practice “On the Hook?” to members of the Texas Dental Association and the Oklahoma Dental Association. Key points of the presentation, which focused on cyber security and data breaches in the healthcare industry, explained why protected health information (PHI) and electronic healthcare records are so valuable to cyber criminals and provided case studies of recent data breaches in the healthcare industry.

This presentation was arranged by my friend Larry Lewis (@SmartTraininglc) at Smart Training, LLC. If you are interested in obtaining a replay of this presentation, please contact Larry at Smart Training, LLC.


About the author

Shawn Tuma is a lawyer who is experienced in representing and advising clients on digital business risk which includes complex digital information law and intellectual property issues. This includes things such as trade secrets litigation and misappropriation of trade secrets (under common law and the Texas Uniform Trade Secrets Act), unfair competition, and cyber crimes such as the Computer Fraud and Abuse Act; helping companies with data security issues from assessing their data security strengths and vulnerabilities, helping them implement policies and procedures for better securing their data, preparing data breach incident response plans, leading them through responses to a data breach, and litigating disputes that have arisen from data breaches. Shawn is a partner at BrittonTuma, a boutique business law firm with offices near the border of Frisco and Plano, Texas which is located minutes from the District Courts of Collin County, Texas and the Plano Court of the United States District Court, Eastern District of Texas. He represents clients in lawsuits across the Dallas / Fort Worth Metroplex including state and federal courts in Collin County, Denton County, Dallas County, and Tarrant County, which are all courts in which he regularly handles cases (as well as throughout the nation pro hac vice). Tuma regularly serves as a consultant to other lawyers on issues within his area of expertise and also serves as local counsel for attorneys with cases in the District Courts of Collin County, Texas, the United States District Court, Eastern District of Texas, and the United States District Court, Northern District of Texas.

Why do cyber criminals want your healthcare data?

During a recent presentation a member of the audience asked me why cyber criminals would want to steal a person’s healthcare data. It is easy to understand why they would want to steal payment card data — but healthcare data — not so obvious. Here is a great answer:

A crook would love [healthcare data] because, “in the world of black market information, a medical record is considered more valuable than everything else,” says Larry Ponemon, the Institute’s founder.

The study was sponsored by ID Experts, and its founder, Rick Kam, says that the “black market is being flooded with payment card data.” Health care data includes a Social Security number and personal health record—data that sticks around for a long time, versus a credit card number.

via Healthcare Data under Attack | Robert Siciliano.


Upcoming Webinar: Anatomy of a Data Breach

I am looking forward to presenting a (free) webinar for healthcare professionals on “Anatomy of a Data Breach.”

The webinar is free because it is being brought to you by the great folks at SmartTraining, LLC. You can learn more about the topics that will be covered on this page. It will be from 12:00 PM to 1:30 PM on Wednesday, July 31, 2013.

For more information, feel free to ask me or click the following to email SmartTraining, LLC or find them on Twitter @SmartTraininglc.

You can register right HERE.

What do the penalties look like for a HIPAA violation?

Here you go — they are rising and here is where they currently stand. As you can see, data breach is serious business and serious for your business.

Did Not Know $100 – $50,000 $1,500,000
Reasonable Cause $1,000 – $50,000 $1,500,000
Willful Neglect – Corrected $10,000 – $50,000 $1,500,000
Willful Neglect – Not Corrected $50,000 $1,500,000

You can read the full article here: HIPAA Violation Penalties Rise in Response to Data Breaches | SmartData Collective.