Can I sue a company for inadequate data protections if my data is breached? I assume I would have to prove damages, and maybe that becomes harder if I can’t tie the victimization to a specific breach. And probably the terms of service make it harder, like I might have to use arbitration and can’t join a class action suit.
The healthcare industry has as much incentive as the financial industry to maintain a high security environment. Fines for exposing PHI can be astronomical if a large number of records are compromised.
This is a new cold war that we’ve been in for a while now. Government backed hacker groups from foreign nations are constantly targeting high profile organizations. Healthcare, Finance, and Government are three of the top targets.
The FBI et al. do try to find the guys. Arrests happen relatively frequently.
But security improvements don’t happen because they cost money, and nobody is making them do it, though this is slowly changing.
When permitting security failures costs more than preventing, then companies will do something.
Can I sue a company for inadequate data protections if my data is breached? I assume I would have to prove damages, and maybe that becomes harder if I can’t tie the victimization to a specific breach. And probably the terms of service make it harder, like I might have to use arbitration and can’t join a class action suit.
The healthcare industry has as much incentive as the financial industry to maintain a high security environment. Fines for exposing PHI can be astronomical if a large number of records are compromised.
This is a new cold war that we’ve been in for a while now. Government backed hacker groups from foreign nations are constantly targeting high profile organizations. Healthcare, Finance, and Government are three of the top targets.