In fact, when we notified affected patients that their information had been compromised by ex-employees, our reception staff received hundreds of abusive phone calls (and texts) in the weeks following the theft. Under the guidelines of the OAIC we notified patients within 2 hours of the theft. All the notification did was drive patients away from the medical centre.
These employee data thieves provided their login to a hacker to access and steal sensitive patient information; however, as far as patients were concerned, we had let them down. Reporting the data theft and those responsible to Police, OAIC, AHPRA and the HCCC was an absolute waste of time. They did nothing except respond that it was a "commercial matter" and would need to be sorted out in the civil courts. A recent civil case took over three years to get to a hearing in the Supreme Court and over 14 months to get judgement. The civil courts are not a solution, nor are they a deterrent that will stop insiders stealing your customer lists or IP.
Getting stats about data theft is quite hard, and there’s hardly any for Australia. But there is some information and it’s pretty shocking.
It is estimated that data theft costs $250 billion in the USA.
- 14% of breaches were perpetrated by insiders, with 7% involving multiple parties
- 20% of data theft hit information and professional services firms
- 50% of companies surveyed by the Carnegie Mellon Software Engineering Institute experienced at least one data breach by an insider in the previous year.
- 59% of employees who quit or leave admitted to taking confidential or sensitive information
- 62% of employees think it’s acceptable to transfer corporate data to their PCs, tablets, smartphones or cloud sharing applications without seeking approval.
- 90% of IT employees indicated that they would take sensitive data if they were fired.
So, don’t kid yourself that it’s not happening much, or not happening much in your business sector, or to your type of business. The simple fact is that it is, and you need to understand it in order to minimise your risk.
There are some pointers on my website to some of the basic things you can do to minimise your risk, so have a look.
If it's happened to you, send us your story.