Department of Health and Human Services’ HIPAA Breach Reporting Tool
Companies must report health data breaches affecting 500 or more individuals. Yeah, but how much time do they get before they have to report it?
In August 2020, Ursem and privacy blogger DataBreaches.net published a paper describing nine data leaks involving PHI found in public GitHub repositories (see: Medical Records Exposed Via GitHub Leaks).
“Most often, the focus is on the front-end security controls of an application that control access to databases. Hackers will often attack the backend – databases.”
“Therefore, security needs to be assessed from the backend – databases and data repositories – as well as the front-end apps – the user-friendly interface,” . . .
Rob Fuller: One of my favorite interview questions is asking someone what they believe are the top 10 security issues companies have today. You will know exactly how much experience, forethought, maturity, and technical skill someone has just from that one question.