Ucsf medical center case study-information security, Computer Network Security

Example : UCSF Medical Center

In the year 2002, the University of California, San Francisco (UCSF) Medical Center received an email message from someone who claimed to be a doctor working in Pakistan and who threatened to release patient records onto the internet unless money owing to her was paid. Many confidential medical transcripts were attached to the email.

UCSF staff was confused; they had no dealings in Pakistan and surely did not employ the person who sent email. The Medical Center began an immediate investigation, concentrating on the transcription service that had been outsourced to Transcription Stat, based in close Sausalito. It transpired that Transcription Stat farmed out work to some 15 subcontractors scattered across America. One of the subcontractors was Florida based Sonya Newburn, who in turn employed subcontractors further, including Tom Spires of Texas. No one at Transcription Stat realized that Spires also employed his own subcontractors, including sender of email. The sender claimed that Spires owed her money, and had not paid her.

Newburn eventually agreed to pay the $500 that the email sender claimed was owed to her. In return sender informed UCSF that she had no intention of publicizing personal information and had damaged any records in her care. Certainly, there is no way to prove that the records have been destroyed actually.

Naturally, you won’t wish your own medical records to be publicized: they should be scarce. This threat cost the organization little in money terms, but how much in the reputation? Just what is the worth of reputation? Or we can say that how much is it worth paying in information security to protect the reputation?

Posted Date: 10/8/2012 4:34:56 AM | Location : United States







Related Discussions:- Ucsf medical center case study-information security, Assignment Help, Ask Question on Ucsf medical center case study-information security, Get Answer, Expert's Help, Ucsf medical center case study-information security Discussions

Write discussion on Ucsf medical center case study-information security
Your posts are moderated
Related Questions
Question: (a) What are the various options to mitigate risks in an Information Security Management System (ISMS)? For each option specify an instance where it can be used.

Thinking ethically is difficult without a background in moral philosophy. Asking people to embrace ethics without offering practical explanation of the efficacy of so doing, is a t

TRAP AND TRACE SYSTEMS Trap and Trace Systems use techniques to detect an intrusion and trace it back to its source. Trap comprises of honey pot or padded cell and alarm. The dr

STAR TOPOLOGY In this topology, all devices are attached to a central point, which is sometimes known as the "Hub" as given in the diagram below.   Figure: An ideal

Question 1 a) Provide three advantages of using optical fiber. b) Distinguish between "Direct Sequence Modulation" and "Frequency Hopping" c) Decribe the purpose of using "

Get a copy of Metasploitable at Make">http://sourceforge.net/projects/metasploitable/files/Metasploitable2/ Make sure to follow these directions very carefully. You will get po

(a) Describe briefly the difference between flow control and congestion control in relation to a connection-oriented protocol such as TCP. (b)  What is the initial rate of data

QUESTION a) Determine the RTT (round trip time) between a client requesting a web page of 1024 bytes in size from an internal web server on a 100 Base-T Ethernet. Consider a o

Problem (a) As a forensic investigator, you are needed to trace the source of an email. It is suspected that the email header has been forged. Show how you would proceed to

Scenario: A network with individual hosts (really, virtual machines) can run HTTP (web) servers that are available to the outside. (Here, available means the ability to read and wr