Ucsf medical center case study-information security, Computer Network Security

Example : UCSF Medical Center

In the year 2002, the University of California, San Francisco (UCSF) Medical Center received an email message from someone who claimed to be a doctor working in Pakistan and who threatened to release patient records onto the internet unless money owing to her was paid. Many confidential medical transcripts were attached to the email.

UCSF staff was confused; they had no dealings in Pakistan and surely did not employ the person who sent email. The Medical Center began an immediate investigation, concentrating on the transcription service that had been outsourced to Transcription Stat, based in close Sausalito. It transpired that Transcription Stat farmed out work to some 15 subcontractors scattered across America. One of the subcontractors was Florida based Sonya Newburn, who in turn employed subcontractors further, including Tom Spires of Texas. No one at Transcription Stat realized that Spires also employed his own subcontractors, including sender of email. The sender claimed that Spires owed her money, and had not paid her.

Newburn eventually agreed to pay the $500 that the email sender claimed was owed to her. In return sender informed UCSF that she had no intention of publicizing personal information and had damaged any records in her care. Certainly, there is no way to prove that the records have been destroyed actually.

Naturally, you won’t wish your own medical records to be publicized: they should be scarce. This threat cost the organization little in money terms, but how much in the reputation? Just what is the worth of reputation? Or we can say that how much is it worth paying in information security to protect the reputation?

Posted Date: 10/8/2012 4:34:56 AM | Location : United States

Related Discussions:- Ucsf medical center case study-information security, Assignment Help, Ask Question on Ucsf medical center case study-information security, Get Answer, Expert's Help, Ucsf medical center case study-information security Discussions

Write discussion on Ucsf medical center case study-information security
Your posts are moderated
Related Questions
POLICY MANAGEMENT Policies should be managed as they constantly change. Good policy development and maintenance make a more resilient organization. All policies undergo tremendou

A Network is described as a system for connecting computers using a single transmission technology. The computers can interact with each other in a network. They can receive an

'Near Field Communication' (NFC) technologies are expected to become commonplace in the near future. Some relevant features are these: A suitable device (such as a mobile pho

RING topology all computers are connected in loop. A ring topology is a network topology in which every node connects to exactly two other devices, forming a single continuous pa

Identify Possible Controls For each threat and linked vulnerabilities which have residual risk, create primary list of control ideas. Residual risk is the risk which remains to

(a) Describe briefly the difference between flow control and congestion control in relation to a connection-oriented protocol such as TCP. (b)  What is the initial rate of data

Question: Suppose the following brief history of WLAN security standards: When the security of WEP was broken, the industry turned to the IEEE to fix it. The IEEE said it could

Risk Control Strategies Once the ranked vulnerability risk worksheet has created, they should choose one of following 4 strategies to control each risk: •    Apply safeguards wh

(a) (i) If m = p·q·r where p, q, and r are prime numbers, what is Φ(m)? (ii) Therefore, Determine Φ(440). (b) Describe the following terms as used in cryptography: (i)

Question : An aircraft manufacturing company is considering linking the network of one of its offices to the network of its Headquarter using either xDSL or ISDN. i. Compare