The lawsuit alleges the former employee misappropriated confidential data prior to leaving her job and used the information for financial fraud or ID theft, and violated state and federal laws, including HIPAA.
"The breached information includes "highly sensitive and confidential proprietary and trade secret information," including pediatric patient health information;...state license numbers healthcare providers; and attorney-client privileged information."Unfortunately studies suggest a majority of employees take corporate data from former employers. And it's not just departing employees that organizations need to worry about - current employees can inappropriately access patient and corporate information.
- Lawsuit filed by Atlanta pediatric system
The threat of insider data theft requires prevention and proactive detection. Access to data must be restricted to the minimum needed to perform their job. Proactive detection of data breaches can be accomplished with low-cost on-demand SaaS analytics services. This approach applies behavioral analytics, not just static rules, to discern which access is work related and which is a data breach.
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) Hospital Insider Breach Leads to Lawsuit - www.HealthcareInfoSecurity.com, 11/4/2013