The security breach "Wall of Shame" created by the Office for Civil Rights at the Department of Health and Human Services needs an overhaul, according to Niam Yaraghi, a fellow in the Brookings Institution's Center for Technology Innovation.
When an organization reports a breach that compromises the health data of more than 500 consumers, OCR posts information about that breach to its website. However, the Wall of Shame "neither creates awareness nor motivates privacy protection efforts in healthcare industry," Yaraghi writes at U.S. News and World Report.
The posts lack crucial information, he says, such as how the breach happened and whether the organization could have stopped it. Because of that, the wall is public shaming that paints "victims and culprits with the same brush," he says.
The website should be updated to include more information on the breaches,Yaraghi adds, such as rulings for each case and the HIPAA penalties with which organizations are hit.
Attacks on the healthcare industry especially show no signs of slowing down, with a recent Ponemon Institute survey finding that organizations face about one cyberattack per month. They also are becoming more costly; recently Hollywood Presbyterian Medical paid hackers about $17,000 (40 bitcoins) after a ransomware attack left its networks disabled.
To learn more:
- read the U.S. News post