Jeff Blumenthal
Philadelphia Business Journal
Staff Writer
Companies have found themselves dealing with ensuing class-action litigation from consumers victimized by the breaches as well as credit-card companies and banks.
According to the Open Security Foundation, a Virginia nonprofit that collects information about data breaches, there were 61 reported breaches combined between 2001 and 2004. But those numbers shot up to 141 in 2005 and have exceeded 500 per year since 2006, with 252 reported so far this year.
Data breaches cost their companies an average of $204 per compromised record, up from $138 per compromised record in 2005, according to a 2009 study conducted by the Poneman Institute.
Sasha Romanosky, a doctoral student at Carnegie Mellon University whose research revolves around data breaches, said Pennsylvania and New Jersey are slightly above the national average for rate of reported identity theft, which is about 30 reports per 100,000 people between 2002 and 2009. In Pennsylvania, there were 32 per 100,000 people, while New Jersey was higher at 38. Romanosky said this data did not fluctuate much after the advent of the new legislation.
Thomas Jefferson University Hospital was forced to notify about 21,000 patients that some of their most sensitive financial and medical information was compromised following a laptop theft revealed last month. It covers those who received inpatient care between March and November 2008. While the laptop was password protected, the data itself was not encrypted.
Jefferson President and CEO Thomas Lewis said in a statement that “storage of patient data on an employee’s unencrypted computer — even while on TJUH premises — is a breach of hospital’s policy.”
Richard Figley
Independent Associate
1-800-DO-A-WILL
www,800-DO-A-WILL.com
No comments:
Post a Comment