Who Is Most Vulnerable?

by Gwen Moritz  on Monday, Apr. 2, 2007 12:00 am  

While virtually every business maintains data files of sensitive information — employee Social Security numbers and bank account numbers for payroll deposits, if nothing else — some industries have a greater burden of security than others.
One example: "Any medical provider, when you think about the type of information they have and the amount that is transmitted to other providers, insurance companies and storage facilities," said Todd New-ton, leader of the new Information Management & Security Practice Team at the Mitchell Williams Selig Gates & Woodyard law firm in Little Rock.
HIPAA, the Health In-surance Portability & Accountability Act of 1996, imposed many security requirements on health care providers, insurance companies and employers who have access to employees' medical records.
"Aspects of HIPAA tie into all this," Newton said. "If we were going to work with a health care provider on [data security], we would consult with the experts on HIPAA in our firm."
Banks and securities dealers may be the most vulnerable "because of the obvious gold mine of information" they retain, he said. And their jobs are compounded by the popularity of online banking and the clever and persuasive "spoof" sites and "phi-shing" scams that attempt to lure customers into giving away their personal information.
The Gramm-Leach-Bliley Act of 1999, which modernized banking laws, puts a heavy emphasis on security and specifically holds executives and directors accountable for making sure data is protected.
"It's not something you can put off on your security guy," Newton said.



Please read our comments policy before commenting.