Tuesday, April 24, 2007

Security - Making information secure

Working in the Information Technology field, I believe that security should be a primary concern. Unfortunately, from previous experience, this is a secondary or byproduct for most of the management staff and bean-counters. (Security costs Money!) Here is a prime example of why security should be a concern for any company.

On April 10th, “A disk containing the names, birth dates and Social Security numbers of 2.9 million Medicaid and children's health care recipients is missing, Georgia health officials said Tuesday. The state said the security breach was reported by Affiliated Computer Services, a private vendor. ACS did not immediately return a phone call seeking comment. The Georgia Department of Community Health said it was requiring the Dallas-based company to notify everyone affected and to offer free credit reports. The children's health care program involved in the data loss is called PeachCare. Officials said the information, also including addresses, went back four years and included some people who are no longer on the rolls. State officials said they had notified the Centers for Medicare and Medicaid Services, the U.S. Department of Health and Human Services, the Governor's Office of Consumer Affairs and the state Attorney General.”

They better hope that the U.S. Department of Health and Human Services (HHS) or Health Care Financial Administration (HCFA) does not show up on your doorstep because of a HIPAA violation OR ACS may cease to exist. These people will personally take your birthday away, financially bankrupt you, and then throw you into jail – just to add insult to injury.

No comments: