By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData Collective
  • Analytics
    AnalyticsShow More
    predictive analytics in dropshipping
    Predictive Analytics Helps New Dropshipping Businesses Thrive
    12 Min Read
    data-driven approach in healthcare
    The Importance of Data-Driven Approaches to Improving Healthcare in Rural Areas
    6 Min Read
    analytics for tax compliance
    Analytics Changes the Calculus of Business Tax Compliance
    8 Min Read
    big data analytics in gaming
    The Role of Big Data Analytics in Gaming
    10 Min Read
    analyst,women,looking,at,kpi,data,on,computer,screen
    Promising Benefits of Predictive Analytics in Asset Management
    11 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-23 SmartData Collective. All Rights Reserved.
Reading: PCI & HIPAA Data Breaches of 2012: Lessons Learned
Share
Notification Show More
Latest News
ai digital marketing tools
Top Five AI-Driven Digital Marketing Tools in 2023
Artificial Intelligence
ai-generated content
Is AI-Generated Content a Net Positive for Businesses?
Artificial Intelligence
predictive analytics in dropshipping
Predictive Analytics Helps New Dropshipping Businesses Thrive
Predictive Analytics
cloud data security in 2023
Top Tools for Your Cloud Data Security Stack in 2023
Cloud Computing
become a data scientist
Boosting Your Chances for Landing a Job as a Data Scientist
Jobs
Aa
SmartData Collective
Aa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > Data Management > Privacy > PCI & HIPAA Data Breaches of 2012: Lessons Learned
Data ManagementPrivacyRisk ManagementSecurity

PCI & HIPAA Data Breaches of 2012: Lessons Learned

onlinetech
Last updated: 2012/12/17 at 7:34 PM
onlinetech
5 Min Read
SHARE

Here’s a review of the top 2012 data breaches within both the PCI and HIPAA compliant industries, and a quick analysis of what went wrong so you can easily learn from their lessons without accruing the associated costs and legalities.

Here’s a review of the top 2012 data breaches within both the PCI and HIPAA compliant industries, and a quick analysis of what went wrong so you can easily learn from their lessons without accruing the associated costs and legalities.

3.8 Million Tax Records Stolen in Largest State Agency Attack
Both Social Security and credit card numbers were stolen from the South Carolina Department of Revenue by hackers in August. A phishing email enabled hackers to steal credentials from users and eventually steal 74 GB of encrypted and unencrypted data.

Lessons learned: Encryption is a requirement for all organizations (including federal) that store credit card data and therefore need to meet PCI DSS compliance standards. One step ahead of encryption is administrative security, including training staff on security issues, which can prevent users from clicking on phishing emails and allowing the initial breach to occur. Check with any third-parties to ensure their staff is also properly trained.

More Read

cloud data security in 2023

Top Tools for Your Cloud Data Security Stack in 2023

Combat AI-Powered Threats with Cybersecurity Simulations & Other Practices
A Guide to Using XDR Threat Protection to Stop Data Breaches
Anti-Spoofing is Crucial for Data-Driven Businesses
Four Strategies For Effective Database Compliance

Server Hack Leads to HIPAA Violation by Utah Department of Health
In April, 780,000 individuals were affected in a server hack at the authentication level that allowed hackers to access and steal SSNs and personal health records from the Utah Department of Health. One server was not configured according to normal procedure, and this allowed hackers to access the system.

Lessons learned: Technical staff in particular need proper HIPAA compliance training to ensure servers are configured correctly, especially servers that may contain ePHI (electronic protected health information) at rest. The state of Utah remediated by hiring an auditing firm to conduct independent security/HIPAA audits across all of their state agencies, suggesting they had not undergone one prior to the event. They also assigned a privacy and security officer to the department of health and improved security controls by adding network monitoring and intrusion detection.

Global Payments Inc. PCI Data Breach Affects 1.5 Million
Nearly 1.5 million consumers were affected by hackers accessing Global Payments Inc.’s payment processing system in January and February.

Lessons Learned: While the details of the system breach have been kept under wraps, the lesson to be learned here is to do your due diligence in confirming all third-party vendors are, in fact, PCI compliant. Global Payments is a widely used electronic transaction processing company that had been listed on Visa’s Global Registry of service Providers. They were removed after the attack. Even if your providers claim to be PCI compliant, it’s your job to check the requirements against their actual documented policies and technical services, if applicable, to keep credit card data secure.


HIPAA Compliant Data CentersLearn about the specific HIPAA requirements for HIPAA hosting with IT vendors with our HIPAA Compliant Hosting white paper. With 36 pages of statistics, diagrams and researched information sourced from engineers and a CHSS (Certified HIPAA Security Specialist), this white paper is your complete guide to HIPAA hosting.

Still have questions? Contact us or chat now. Learn more about our HIPAA hosting solutions, including cloud, colocation, managed servers and disaster recovery, or submit a quote request today.


PCI Compliant Data CentersLooking for more information on PCI hosting requirements, recommendations, and the foundation of a secure PCI compliant data center?

Download our PCI Compliant Hosting white paper now for a complete guide to PCI hosting with IT vendors.

Still have questions? Contact us or chat with us now. Find out more about our fully compliant, PCI hosting solutions, or submit a quote request for your project today.


The post PCI & HIPAA Data Breaches of 2012: Lessons Learned appeared first on Managed Data Center News.

onlinetech December 17, 2012
Share this Article
Facebook Twitter Pinterest LinkedIn
Share

Follow us on Facebook

Latest News

ai digital marketing tools
Top Five AI-Driven Digital Marketing Tools in 2023
Artificial Intelligence
ai-generated content
Is AI-Generated Content a Net Positive for Businesses?
Artificial Intelligence
predictive analytics in dropshipping
Predictive Analytics Helps New Dropshipping Businesses Thrive
Predictive Analytics
cloud data security in 2023
Top Tools for Your Cloud Data Security Stack in 2023
Cloud Computing

Stay Connected

1.2k Followers Like
33.7k Followers Follow
222 Followers Pin

Sign Up for Our Newsletter

Subscribe to our newsletter to get our newest articles instantly!

[mc4wp_form id=”1616″]

You Might also Like

cloud data security in 2023
Cloud Computing

Top Tools for Your Cloud Data Security Stack in 2023

7 Min Read
cybersecurity simulations
Artificial IntelligenceExclusiveITSecurity

Combat AI-Powered Threats with Cybersecurity Simulations & Other Practices

7 Min Read
data breach issues
Security

A Guide to Using XDR Threat Protection to Stop Data Breaches

6 Min Read
anti-spoofing tips
Security

Anti-Spoofing is Crucial for Data-Driven Businesses

6 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

giveaway chatbots
How To Get An Award Winning Giveaway Bot
Big Data Chatbots Exclusive
ai is improving the safety of cars
From Bolts to Bots: How AI Is Fortifying the Automotive Industry
Artificial Intelligence

Quick Link

  • About
  • Contact
  • Privacy
Follow US

© 2008-23 SmartData Collective. All Rights Reserved.

Removed from reading list

Undo
Go to mobile version
Welcome Back!

Sign in to your account

Lost your password?