A.Who should be concerned
– anyone who manages “sensitive” data (e.g., colleges, hospitals, local and state governments).
B.Security Issues – PC and
server hard drives contain sensitive data, such as, but not
limited to the following: medical
records, financial data,
customer/employee data, intellectual property.
C.Recent Examples:
lKentucky
– discarded hard drives containing records of thousands
of patients with AIDS and other diseases (found in
internal audit).
lJury in West Virginia awarded $2.3M to
three woman whose confidential health records were not
kept private
l