Ucsf medical center case study-information security, Computer Network Security

Example : UCSF Medical Center

In the year 2002, the University of California, San Francisco (UCSF) Medical Center received an email message from someone who claimed to be a doctor working in Pakistan and who threatened to release patient records onto the internet unless money owing to her was paid. Many confidential medical transcripts were attached to the email.

UCSF staff was confused; they had no dealings in Pakistan and surely did not employ the person who sent email. The Medical Center began an immediate investigation, concentrating on the transcription service that had been outsourced to Transcription Stat, based in close Sausalito. It transpired that Transcription Stat farmed out work to some 15 subcontractors scattered across America. One of the subcontractors was Florida based Sonya Newburn, who in turn employed subcontractors further, including Tom Spires of Texas. No one at Transcription Stat realized that Spires also employed his own subcontractors, including sender of email. The sender claimed that Spires owed her money, and had not paid her.

Newburn eventually agreed to pay the $500 that the email sender claimed was owed to her. In return sender informed UCSF that she had no intention of publicizing personal information and had damaged any records in her care. Certainly, there is no way to prove that the records have been destroyed actually.

Naturally, you won’t wish your own medical records to be publicized: they should be scarce. This threat cost the organization little in money terms, but how much in the reputation? Just what is the worth of reputation? Or we can say that how much is it worth paying in information security to protect the reputation?

Posted Date: 10/8/2012 4:34:56 AM | Location : United States







Related Discussions:- Ucsf medical center case study-information security, Assignment Help, Ask Question on Ucsf medical center case study-information security, Get Answer, Expert's Help, Ucsf medical center case study-information security Discussions

Write discussion on Ucsf medical center case study-information security
Your posts are moderated
Related Questions
What is the function of key secrecy and algorithm secrecy in security?  Algorithm Secrecy is explained as follows: ‘Algorithm secrecy’ is a method of keeping an algorithm

Question 1: (a) Differentiate between symmetric and asymmetric encryption system. (b) Describe how a digital signature is created. (c) Explain briefly what SSL (secure so

BUSINESS NEEDS Information security performs four main functions for an organization. 1. Protects the ability of organization to function. 2. Enables safe operation of applicat

QUESTION (a) FTP is a protocol used for the delivery of files across networks. Explain how FTP works (support your answer with a diagram). (b) How does TCP perform the gi

Assume that a security model is needed for the protection of information in your class. Using the CNSS model, examine each of the cells and write a brief statement on how you would

Vulnerability Identification Specific avenues threat agents can exploit to attack an information asset are known as vulnerabilities. Examine how each threat can be generated and

Describe the salient features of the multimedia. Also explain the applications of it. Multimedia can be understood as follows: Multimedia is on the whole a media which makes

Identify Possible Controls For each threat and linked vulnerabilities which have residual risk, create primary list of control ideas. Residual risk is the risk which remains to

Secure a Wireless Network WIRELES Most online retailers provide some type of privacy statement. Many statements are long, and appear in small print, and many appear to be simi

Hardware, Software, and Network Asset Identification What information attributes to track is dependent on: •    Requires of organization/risk management efforts •    Management