A SANS / Norse whitepaper on Health Care Cyberthreats has just been released. Personal healthcare information (PHI) and organizational intellectual property, as well as medical billing and payment organizations, are all increasingly at risk of data theft because of increased attacks and breaches. This means that compliance nightmares are looming (in addition to the actual risk of loss) for healthcare organizations. Wellpoint has recently found itself at the receiving end of HIPAA fines reaching almost $2 million. In addition, increased use of ePHI will only create more problems in the near future.

The report concludes that healthcare’s critical information assets are poorly protected and often compromised.

Are we going to see a healthcare “target” soon?