NHS Cautions Patients of Possible Data Breach

Recently, the National Health Service (NHS) Bury, in United Kingdom (U.K) reportedly alerted patients on possible data breach

Albuquerque, NM (prHWY.com) June 3, 2011 - Albuquerque, NM, United States - While the incidents of data breach perpetrated by externals agents are on the rise, organizations also face the challenge of safeguarding data from internal agents. Employee initiated data theft may have much more adverse repercussions on the reputation and brand value of the organization. In fact, data theft by internal agents may have long-term implications on the business. Recently, the National Health Service (NHS) Bury, in United Kingdom (U.K) reportedly alerted around 189 patients on possible unauthorized access of their personal information. The Information Commissioner's Office (ICO) is prosecuting Martin Campbell, a former employee of a personal injury claims company under Section 55 of the Data Protection Act, after he acknowledged his role in gaining unauthorized access of personal data related to 29 patients. A nurse allegedly shared information with Martin Campbell, a former employee of a personal injury claims company. The data breach may affect patients who have visited Prestwich or Moorgate Primary Care walk in centers in 2010. The offender may have shared the collected information to generate leads for the claims company or even shared with third parties.

Organizations are required to maintain confidentiality and integrity of customer records. Patient records with health care centers may contain sensitive information such as names, age, addresses, contact numbers, medical history, health status, health plan beneficiary numbers, and medical insurance details. The extracted information could be misused for impersonation and making false claims. Offenders may also use social engineering techniques to extract more personal and financial information from individuals or lead them to fraudulent schemes.

Employee initiated data theft incidents may generate negative publicity in the media. Individuals having unauthorized access to employee database can misuse the information for personal purposes. Employee negligence and lack of awareness of legal and business implications may lead to data breach incidents. Disloyal and disgruntled employees may also carry out unauthorized activities and leak confidential data to third parties. As such, organizations must place high emphasis on information security and put in place measures to ensure protection of customer data. Organizations must create awareness among employees on the possible implications of unauthorized access on the company as well as the affected individuals. Workshops, training and online degree programs may enable health care employees to understand data protection and cyber security practices.

Access to computer systems containing confidential customer databases must be restricted to authorized individuals for legitimate and official purposes. Hiring professionals qualified in IT security and computer science degree programs will ensure implementation of appropriate monitoring mechanisms and information security practices.Implementation of adequate monitoring mechanisms is crucial to detect any unauthorized activity. Organizations must counsel and penalize employees not adhering to the information security practices. Regular assessment of the security threats and evaluation of security practices may help in initiation of corrective measures. Security audits and mock tests may also help in identifying threat vectors and compliance issues. Professionals may update themselves on the data protection laws, compliance requirements, security threats and notification requirements through webinars, workshops,online university degree and e-learning programs.

Contact Press

EC-Council
Website: http://www.eccuni.us
Email: iclass@eccouncil.org
Tel: 505-341-3228

EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.

###

Tag Words: primary care, patient data, national health service, data breach, nhs, ico, computer science degree, information security, unauthorized access

Categories: Internet

Link To This Press Release:

URL HTML Code