Keeping Private Health Data Private - "Inadvertent Disclosures" with Peer to Peer Networks
Posted Mar 24 2009 3:57pm
This is a video well worth watching as he explains how peer to peer software can lead to problems and data on the web that should not be there. When finding data on the web, sometimes things are mistaken as a full on “breach” when in fact it is really an “inadvertent disclosure”, in other words no security was compromised from the operating system, but rather information was leaked out due to security configurations and use of peer to peer networks on computers, although the end result is the same, information being on the web that should not be there.
Peer to peer at work, most administrators have this blocked, but what about the remote employee who copies information to their hard drive and uses a peer to peer software program for music, etc. Many times, more is shared than one wants, and most of the time it is a novice user that doesn’t understand or know how to use a peer to peer network security thus things are shared inadvertently. One potential solution though would e some added software to the VPN to automatically close any software it may see as a threat before a connection could be made. BD
We’ve talked about Google, Microsoft and WebMD services that encourage people to upload, store and manage their medical records online. The upside: you and your doctors can have immediate access to your medical information when you need it. The downside: security. As it turns out, voluntarily uploading our health records may be the least of our worries. Researchers at Dartmouth’s Tuck School of Business found that plenty of doctors, hospitals and health care organizations are inadvertently leaking our data online for us.
Dr. Eric Johnson is director of the Center for Digital Strategies at Tuck, and he and his team went online and found reams of personal health records in public cyberspace. He joins us to talk about what they found.