The Security Scrutinizer with Howard Anderson

Lawsuits: A Breach Prevention Catalyst? Yet Another Reason to Safeguard Health Data

The survey shows:

  • 43 percent of organizations have a defined information security budget;
  • 69 percent of organizations devote 3 percent or less of their IT budgets to information security;
  • 65 percent do not have a portion of their IT budget specifically allocated for information breach detection, response and notification costs;
  • 40 percent don't yet have a documented information security strategy in place;
  • 43 percent grade their ability to counter external and internal information security threats as poor, failing or in need of improvement.

In recent weeks, class action lawsuits have been filed in response to several major health information breaches (see: More Breach Class Action Lawsuits Filed).

See Also: Top Trends in Cybercrime; 411 Million Attacks Detected in Just 3 Months

The recent surge in class action lawsuits is yet another compelling reason for organizations to make necessary investments in privacy and security safeguards. 

The lawsuits, which are seeking many billions of dollars for failure to adequately protect patient information, provide yet another reason to ramp up information security efforts, especially investments in technologies, such as encryption, that can have a major impact on breach prevention.

"The recent surge in class action lawsuits is yet another compelling reason for organizations to make necessary investments in privacy and security safeguards," says Adam Greene, a partner at the Washington law firm Davis Wright Tremaine who formerly worked at the Department of Health and Human Services' Office for Civil Rights, which enforces HIPAA. "Whether or not a class action suit is successful, defending such a suit represents a significant drain of time and money and ensures unwelcome headlines. Additionally, if one of these suits succeeded in court, the damages could be staggering, and the precedent could have a huge impact across the industry."

So when the time comes to prepare your IT budget, have the headlines about class action lawsuits handy to show those who hold the purse strings.



About the Author

Howard Anderson

Howard Anderson

News Editor, ISMG

Howard J. Anderson is news editor of Information Security Media Group and was founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 34 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.




Around the Network