Question

evaluate at least three categories of data that could be found in a healthcare organization and to determine the relative value of that data to an outside attacker. Categories of information could include health history, scheduled procedures, lab test results, medication record, payer information (e.g. Insurance, Medicaid, Medicare info), personal information (including birthdate, address, ssn), or others.

Indicate the following for each of the three categories you choose:
1. Type(s) of harm that could occur from breach: reputation, financial, health related, other (include at least a 2-3 sentence explanation for each type of harm that may result)
2. Impact of the harm on the individual: low, med, high (Include a 2-3 sentence explanation. Minor inconvenience would be low. Death would be high.)
3. Impact of the harm on organizations: low, med, high (Include a 2-3 sentence explanation. This could include both the healthcare organization and any other organization that may be impacted financially (e.g. credit card companies) or otherwise by the breach.)
4. Impact of the harm on society: low, med, high (Include a 2-3 sentence explanation. If only a few individuals are harmed then the impact on society would be low even if the impact on the individual might be high.)
5. Difficulty of the attack: low, med, high (Include a 2-3 sentence explanation. How hard do you think it would be for an outside attacker to access this information? Feel free to use your current organization as a point of reference for your answer. For example, if no one in your organization has access to outside websites, then the difficulty of attack might be much higher.)

Answer 1

1.Breach of data has more serious consequences . One such consequences is losing reputation. The people themselves can find out the data is stolen and some donot know that they are a victim.They lose their confidence on the healthcare organisation as their data is not safe. These datas are used by criminals to purchase provision of medical care to someone else using victim's name. The identity of the victim is used to purchase items, fradulent activities like billing of care and filling prescriptions.The patient suffer financial losses and so they change insurance plans and also change healthcare provider.

2.Impact on individual from data breach is high , sometimes low . When a healthcare record is stolen , the criminals use it to make money and they steal the identity. They also use the data to Blackmail the victim. This can lead to even death of the victim because of losing their dignity. The datas may be used to deliver any malwares to unsuspecting users in an attempt to obtain sensitive informations like passwords, username to access the credit card details to loot money.

3.Due to breach of data some victims change their healthcare provider and also insurance plans to escape financial losses . The insurance companies also face consequences by losing a client. Because of healthcare breach the healthcare organisation should plan a remedy which includes the investigation of the breach, the implementation of measures to prevent future breaches by changing passwords or updating the security software, notification of victims and provision of identity-theft protection and repair services cost widely. So it is a major harm to healthcare organisations because it is tougher to rebuild the reputation.

4.Impact on soceity is more because the people lose their trust on healthcare. Healthcare is a key target of ransomware . So the breaches tend to occur often . Stolen data of people are used for fradulents even internationally acts as a threat to peace and prosperity of nations.