Enhance cybersecurity awareness and survivability for DoD, industry partners, and academia in the face of the ever-increasing threat of cyber attacks. Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and physical form. CS includes information availability, identification and authentication, confidentiality, integrity, and non-repudiation as well as the economic considerations with respect to selection of CS techniques, CS processes, and industry trends.
New Haven, CT filed over $200k for former employee’s data theft
- This topic has 0 replies, 1 voice, and was last updated 3 months, 3 weeks ago by .
This is an interesting article; apparently the city of New Haven, CT’s Health Department was fined over $200,000 by the U.S. Dept. of Health and Human Services Office for Civil Rights, due to violating their own employee termination procedures and access controls.
After a rogue employee was terminated, network administrators failed to *terminate the employee’s access from the system*. Eight days after being terminated, the employee returned to her old office, the City Health Department, and logged into her old computer, where she downloaded protected health info onto a USB drive.
The health info contained almost 500 patient records with highly sensitive STD data, as well as other PII. This story is an excellent example of why it is SO important to make those personnel updates to access immediately. Here’s a link to the full story:
You must be logged in to reply to this topic.