Where are the data leaks coming from?
The database has been central to the technology landscape since the 1960s. EHR vendors utilize databases as a central component of their technologies. Specific types of data are stored in specialized repositories.
As organizations are realizing the value of their data assets, databases are becoming a target. If security controls on databases are not robust, hackers who break through the network perimeter can gain entry. And yet, hackers may not be the biggest threat.
Threats are often likely to come from within, by either human error or unauthorized use. Breaches are tracked and analyzed in numerous places including this recent Profitable Practice article by Melissa McCormack of Software Advice.
Organizations seem to be unaware of the total cost of a breach to them. The Ponemon Institute indicates that the cost of a breach is $305 per patient record -- A daunting amount once a breach occurs. So is our focus correct? We are spending all that money trying to protect the perimeter, but what happens once someone either breaks in or lives inside?
Many organizations send actual copies of production data to other locations both inside and outside the organization. Few are de-identifying, or masking that data even though the Verizon Data Breach report indicates that organizations need to eliminate unnecessary copies of real data in their environments.