Community Health Heist Pulls Hospitals into Cyberthreat Fold

August 19, 2014 – In The News

Scott L. Vernick was quoted in the Law360 article, “Community Health Heist Pulls Hospitals into Cyberthreat Fold.” Full text can be found in the August 19, 2014, issue, but a synopsis is below.

Community Health Systems Inc. disclosed Monday that state-sponsored hackers had stolen personal data of 4.5 million patients. The announcement serves as a warning to the health industry that they must also pay attention to external cybersecurity risks that have recently impacted retailers.

Community Health disclosed that the data compromised did not include credit card, medical or clinical information, which suggests that data may have been stored separately from general patient information and secured behind additional firewalls in the company’s systems.

Attorneys point to these practices as a way to potentially minimize the impact of a breach if hackers are able to get into the system.

"Companies should try to make sure that if there is access through the perimeter, that that access doesn’t give way to access to everything," said Scott Vernick, a noted privacy attorney.

Fortifying external security now will benefit health care entities in the long run, attorneys say.

"There is no reason to think that the degree, variety and extent of cyberattacks will lessen," Vernick said.