HP Security Products Blog
From applications to infrastructure, enterprises and governments alike face a constant barrage of digital attacks designed to steal data, cripple networks, damage brands, and perform a host of other malicious intents. HP Enterprise Security Products offers products and services that help organizations meet the security demands of a rapidly changing and more dangerous world. HP ESP enables businesses and institutions to take a proactive approach to security that integrates information correlation, deep application analysis and network-level defense mechanisms—unifying the components of a complete security program and reducing risk across your enterprise. In this blog, we will announce the latest offerings from HP ESP, discuss current trends in vulnerability research and technology, reveal new HP ESP security initiatives and promote our upcoming appearances and speaking engagements.

Major breach of Electronic Health Records inevitable

By 2015, all healthcare facilities face a deadline set by the U.S. Department of Health and Human Services (HHS) to utilize Electronic Health Records (EHR's). So far, 'business' breaches have far outweighed that of personal health information. The sheer amount of medical information that will be available online, though, will create a plethora of new targets and opportunities for hackers that will quickly close that gap.


Application control will be key in securing this data. It won't do any good for data to be encrypted if the application on a doctor's laptop that reads it has already had its access rights compromised. Security for EHR's is also complicated by the fact that different vendors utilize different software and controls. On top of that, not all participants in the health care infrastructure are mandated to use EHR's at the same time.


There is incentive to adopt best security practices and get it right, though. There is a hefty increase in fines for EHR breaches under the Health Information Technology for Economic and Clinical Health (HITECH) Act. Fines can now go as high as $1.5 million per year.


One thing we know is that hackers are focused, and that they understand psychology. In the coming years, expect a rash (no pun intended) of social engineering attacks designed to gain access to EHR's, as well as an increasing number of 'traditional' methods of attack all designed to steal personal health information. Because of the numbers, a major breach is at some point inevitable. How do consumers protect themselves? Unlike financial information, which can ultimately (if painfully) be cleared, a breach of personal health information can be irrevocable. Adopters of EHR's will hopefully keep that in mind.



Showing results for 
Search instead for 
Do you mean 
About the Author(s)
HP Blog

HP Software Solutions Blog


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.