Technology Insurance Blog – CFC Underwriting » » 2011

September 2011
M	T	W	T	F	S	S
« Aug		Oct »
	1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30

Going online with health records comes with risks

September 14, 2011 under all posts

Most see moving medical records online as a vital step in streamlining medical processes, eventually resulting in both cost and life savings. There’s just one hitch. When things go wrong online, the results can be staggering.

Take for example a recent case in California where it’s been discovered that the medical records of 300,000 individuals have been sitting on the Internet, unsecured for everyone to see. The spill was discovered by a researcher from Identity Finder through Internet searches, a common way to find unsecured private information. The company who managed the records failed to set up password protection or to instruct search engines not to index the pages.

In this case, security could have been drastically improved. However, even systems with good security can be hacked by someone willing enough. And in the case of health records, the consequences can be particularly bad due to the personal nature of the information.

In the US, federal law mandates will require all health records to go online by 2014. This comes with some significant risks which will need to be accounted for in the security of the systems, including who exactly can access them. Insurance policies for data breaches should also be in place to help minimise the damage in case robust security plans fail.

See the full story on Yahoo! News

Many of our policies include explicit virus and hacking liability cover, including those for medical professionals. To learn more, view our products.

Heist on prepaid debit card company

September 2, 2011 under all posts

In a recent case involving Fidelity National Information Services Inc. (FIS), the world’s largest processor of prepaid debit cards, approximately $13 million has been lost due to a “highly-coordinated heist” in which stolen prepaid cards were cashed out at ATMs.

Some prepaid cards cannot be used again after their balance is exhausted. However, the cards in this heist could be. Fraudsters gained access to 22 stolen cards, cloned them, gained access to the system behind them, created a network of individuals across Europe and then systematically withdrew cash from them. Because they had access to the system, they dramatically increased the amounts that could be withdrawn at once while also replenishing accounts that were low. The super-organised heist cost FIS dearly.

This isn’t the first heist of this kind. In 2008, RBS WorldPay experienced a similar breach and while some key figures in that case were extradited to the US, some got off with probationary time alone. With the threat becoming more palpable with every breach, prepaid debit card companies will be considering how best to enhance security to prevent future breaches.

See the full story on KrebsOnSecurity.com