Senior Communications Manager
Kirk Nahra Discusses Health Care Data Security Risks
Kirk J. Nahra, chair of Wiley Rein’s Privacy Practice and co-chair of the Health Care Practice, was quoted by The AIS Report on Blue Cross and Blue Shield Plans, in a recent article about health care data security risks.
Mr. Nahra explained that human-error mistakes and old fashioned theft still account for the majority of medical data breaches, despite the heightened discussion of cybersecurity. A November 4 report from Internet security firm Bitglass found that 68% of all reported health care data breaches posted on the U.S. Department of Health and Human Services (HHS) website were a result of loss or theft, while only 23% were due to cyber hacking. The “low-tech” data breaches, as Mr. Nahra calls them, include thefts of paper, cell phones, laptops, and desktop computers.
“Even these very fancy high-end hospital systems, everything is on paper,” Mr. Nahra said. “It’s astonishing how much paper there still is. It really is an overused word, but you really need a holistic approach to security.” He added that one of the biggest liabilities he sees in the health care industry is employees.