- Table 1. Six steps that will improve the cybersecurity posture of any organization.
• Categorize and classify your systems and data according to risk of downtime, data loss, data destruction, and data theft.
• Grant access to systems and data only to those who truly “need to know.”
• Work with your institutional security officer to select, implement, train, and routinely test appropriate procedural and technical controls.
• Assess the effectiveness of all controls via a third-party testing or audit.
• Ensure that the security controls are monitored on a regular basis.
• Have a clearly articulated incident-response plan and trained users.
- Table 2. Ten of the largest HIPAA data breaches reported to the HHS database as of December 2015.
| Organization | Method/Breach | Date | Number of records | Location of breached information |
|---|---|---|---|---|
| Anthem | Hacking/IT incident | March 2015 | 78,800,000 | Network server |
| Premera Blue Cross | Hacking/IT incident | March 2015 | 11,000,000 | Network server |
| Excellus Health Plan | Hacking/IT incident | September 2015 | 10,000,000 | Network Server |
| Science Applications International Corporation (SAIC) | Loss | November 2011 | 4,900,000 | Other |
| University of California, Los Angeles Health | Hacking/IT incident | July 2015 | 4,500,000 | Network Server |
| Community Health Systems Professional Services Corporation | Theft | August 2014 | 4,500,000 | Network Server |
| Advocate Medical Group | Theft | August 2013 | 4,029,530 | Desktop computer |
| Medical Informatics Engineering | Hacking/IT incident | July 2015 | 3,900,000 | Electronic Medical Record Network Server |
| Xerox State Healthcare | Unauthorized access/disclosure | September 2014 | 2,000,000 | Desktop computer or other device |
| IBM | Unknown | April 2011 | 1,900,000 | Other |
Supplementary Materials
www.sciencetranslationalmedicine.org/cgi/content/full/8/322/322ps2/DC1
Table S1. NIST framework categories and definitions.
Additional Files
- Supplementary Material for:
A cybersecurity primer for translational research
Eric D. Perakslis* and Martin Stanley
*Corresponding author. E-mail: eric.perakslis{at}takeda.com
Published 20 January 2016, Sci. Transl. Med. 8, 322ps2 (2016)
DOI: 10.1126/scitranslmed.aad5169
This PDF file includes:
- Table S1. NIST framework categories and definitions.