News & Insights  |  Media Mentions

Related Professionals

Practice Areas


Patricia O'Connell
Senior Communications Manager

Kirk Nahra Discusses Health Care Data Security Risks

The AIS Report on Blue Cross and Blue Shield Plans
February 11, 2015

Kirk J. Nahra, chair of Wiley Rein’s Privacy Practice and co-chair of the Health Care Practice, was quoted by The AIS Report on Blue Cross and Blue Shield Plans, in a recent article about health care data security risks. 

Mr. Nahra explained that human-error mistakes and old fashioned theft still account for the majority of medical data breaches, despite the heightened discussion of cybersecurity.  A November 4 report from Internet security firm Bitglass found that 68% of all reported health care data breaches posted on the U.S. Department of Health and Human Services (HHS) website were a result of loss or theft, while only 23% were due to cyber hacking.  The “low-tech” data breaches, as Mr. Nahra calls them, include thefts of paper, cell phones, laptops, and desktop computers. 

“Even these very fancy high-end hospital systems, everything is on paper,” Mr. Nahra said.  “It’s astonishing how much paper there still is.  It really is an overused word, but you really need a holistic approach to security.”  He added that one of the biggest liabilities he sees in the health care industry is employees.