Enterprise2.us - Harnessing the Power of Us

Enterprise 2.0

Subscribe to Enterprise 2.0: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Enterprise 2.0: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

e20 Authors: Lisa Calkins, Flint Brenton, Melanie Marten, Elizabeth White, Liz McMillan

Related Topics: PC Security Journal, Security Journal, Enterprise 2.0

Blog Post

The High Cost of No Encryption

Sometimes little things can make a big difference

The average price of a notebook in the U.S. is about $631. The cost of a notebook that contains unencrypted patient information is far greater.

Earlier this week, the Department of Health and Human Services' Office for Civil Rights levied a hefty $1.5 million fine against the Massachusetts Eye and Ear Infirmary.

HHS determined that Massachusetts Eye and Ear had violated a number of HIPAA requirements stemming from the theft of a neurologist's notebook in South Korea in 2010. A hospital employee losing a notebook is one thing. The hardware can easily be replaced at a minimal expense. However, when the laptop contains unencrypted data including, patient names, addresses, phone numbers, dates of birth, medical records numbers and certain medical information, that's another story entirely.

Because the laptop was unencrypted, the healthcare organization to was required under the HITECH ACT to notify HHS, the media. Had the drive been encrypted, Mass Eye and Ear likely could have claimed safe harbor and not faced the fine or the ensuing sanctions.

Gazzang counts a number of health care organizations among our rapidly expanding customer base. Most come to us initially to satisfy HIPAA requirements for securing sensitive data on disk or in the cloud. What they soon realize is that data encryption is so inexpensive and easy to use, that they might as well encrypt all their data. We even have healthcare customers using zNcrypt for Healthcare to secure their IT helpdesk content.

The bottom line is if you have data that's important to your organization or your customers, it needs to be encrypted. As we've seen time and time again, it's too expensive not to do it. To learn more about how data encryption and key management can help you meet your HIPAA needs, check out this HIPAA Compliance Guide.

More Stories By David Tishgart

David Tishgart is a Director of Product Marketing at Cloudera, focused on the company's cloud products, strategy, and partnerships. Prior to joining Cloudera, he ran business development and marketing at Gazzang, an enterprise security software company that was eventually acquired by Cloudera. He brings nearly two decades of experience in enterprise software, hardware, and services marketing to Cloudera. He holds a bachelor's degree in journalism from the University of Texas at Austin.