This is horrendous.
1.7 million people in NYC have now had their data stolen.
How did this happen?
The hospital makes backup tapes of its computers then has the shipped off site.
On the surface this seems smart:
- Backup computers – SMART
- Store backup off site – SMART
- Transfer backup data in non-secure way – STUPID
- Store backup data un-encrypted – STUPID
The method used to move the tapes to an off site location was via a truck.
(how many of you move you backup in a similar way?)
The data on those tapes was NOT encrypted.
(how many of you actually encrypt your backups?)
The hospital involved is trying to say that the data will be tough to decipher as it is store in a proprietory manner.
All of that data is worth a lot of money to crooks…they spend money to get what they want off those tapes…quickly.
How do you avoid this?
The easiest way to alleviate this entire headache is to use a service that:
- backs up your data
- encrypts your data
- sends your data off site (encrypted)
- Does all of this automatically.
A HIPAA compliant computer backup service is key to ensuring that you not only have your computers backup up, but that you also have a copy of your data stored off site in a secure fashion.