Insider Threats In Healthcare

Words: 433
Pages: 2

The meaning of insider is strongly dependent on the application context. Furthermore, the concept is relative to the privileges available (either given or somehow otherwise acquired), which may be hierarchically layered or otherwise granted. For example, in health-care applications, a doctor may have access to personal and medical data of many patients, whereas a patient may be able to access only certain portions of his or her own data—and nothing else. Patient care typically involves information exchange between a large numbers of individuals providing services in a hospital, mostly through a combination of electronic and paper records. Unintentional unauthorized access is rampant in Healthcare sector. Patient data is prone to insider threats …show more content…
An attacker can see how well current releases are performing in comparison to earlier versions as well as other releases from other products. With a little work they can get a list of all phone numbers from all handsets that are currently in the field. Along with the phone numbers is also a list of cellular providers, from which messages are being received. Besides indicating which handsets are in development for which providers, this collection of data could be used to identify individuals (through the use of reverse telephone look-ups) to ultimately get their hands on the actual testing prototype(s) currently testing in the field. For instance insider attack, Ivan the insider gets fired and ABC the administrator forgets to void Ivan’s (login) credentials. Ivan goes home, logins into his work machine and takes some malicious action (introduces bugs into source, deletes files and backups, etc…). Alternatively, ABC might void Ivan’s credentials, but forget that Ivan also uses a shared group