Backup Tapes With 2 Million Medical Records Stolen

Lucas123 writes "A vehicle used by an off-site archive company to transport patient data was broken into on March 17. The University of Miami just made the theft public last week, saying the thieves removed a transport case carrying the school's six computer backup tapes. On those tapes were more than 2 million medical records. In fact, the archive company waited 48 hours before notifying the university itself. A University spokeswoman said the school has stopped shipping backup tapes off-site for now."

Easy case

[plover]

This case should be pretty simple to solve. Just track down whoever buys a 9-track tape reader off eBay in the next month and nail him to the wall.

yes but what's the value

[goombah99]

Why would someone steal the tapes? What is there value.

Re:

[Z00L00K]

As usual - computers will be of value for anyone needing money for drugs. To a drug-addict that means that tapes must have some value too.

Re:yes but what's the value

[Jhon]

Why would someone steal the tapes? What is there value.

What would YOU pay for 2 million social security numbers?

Re:

[SavvyPlayer]

$0.00, before court, legal fees, etc.

Re:yes but what's the value

[WaltBusterkeys]

Why would someone steal the tapes? What is there value.

From TFA: The stolen backup tapes hold names, addresses, Social Security numbers and health information

On the black market these days, a full identity (name, SSN, address, bank information, etc) can go for $14 each [washingtonpost.com]. If the tapes had full identities, that's 2 million x $14 = $28 million payday for a bunch of crooks. Even assume a "volume discount" for these guys and they're still in the many million dollar range. Even if it's just name, address, and SSN there's some value on the black market for these tapes.

When you're breaking into a vehicle filled with stuff that looks like computer equipment, it's hard to know whether the data is going to be social security numbers (valuable), credit card numbers (valuable), medical records (valuable if there's addresses and SSNs), or routine corporate records (not all that valuable). Enough data brokers [reputation...erblog.com] are sloppy enough with their security that there's a good chance to get some identity information that has value.

These guys were either extremely lucky or knew exactly what they were doing. Or they're complete idiots who are wondering why these tapes won't play on their 8-track player.

Re:

[Digestromath]

Not to mention there is also the potential for blackmail. If anyone on the tapes has a serious, publically undisclosed, and socially stigmatic medical condition its ripe.

For Example: Alot of people don't want to publically share that they have STDs etc. Especially not if the files are cross linked with a list of their sexual partners.

While sale for identity fraud would most likely be the most profitable, there are alternative uses for this data. Given the enterprising nature of most criminals, this is

Doesn't modern tape backup software encrypt data?

[Futurepower(R)]

"On the black market these days, a full identity (name, SSN, address, bank information, etc) can go for $14 each."

Good answer. Next question: Doesn't all modern tape backup software encrypt all data?

Even my personal DVD backups are encrypted automatically.

Re:Doesn't modern tape backup software encrypt dat

[drinkypoo]

Good answer. Next question: Doesn't all modern tape backup software encrypt all data?

1. Define "Modern"
2. No

HTH, HAND :)

Seriously though, there's overhead and hassle involved with encrypted backups. The value of a backup is greatly diminished if you can't restore it.

Re:

[BoRegardless]

Well after the "complete idiots" who stole the tapes read Slashdot, they know know they hit the jackpot.

Gotta be a lot of retired mainframe guys around who would "do a consulting job".

Yeah, but ...

[CustomDesigned]

Complete idiots don't read Slashdot. Oh, wait ...

Re:

[Thalagyrt]

I work for the University of Miami. These tapes will be entirely useless to anyone who snags them, and no, we haven't stopped off-site shipping. All of our off-site tapes are highly encrypted. We aren't idiots.

TFA does NOT say they were encrypted

[Skapare]

There's nothing in the article that says they were encrypted. They were compressed and some kind of encoding was involved. But encoding could be any number of things, and quite possibly the coding used by medical records systems to compact common terms to numbers. It could be hard to make use of the data. But if it was an "inside job", or the perps can get the software used on this, it can be cracked easily. This is not strong encryption.

Re:

[Mysticalfruit]

Let the fuckers steal our backup tapes... good luck it's encrypted with AES256... that should keep them busy for a couple billion years.
And yes, we do recall random tapes to ensure that we can restore from the encrypted volumes.

In this day and age of "Information Warfare" you should consider every system for moving data vulnerable and take measures to ensure that attempting to steal that data would be more work than what it's worth.

Re:

[frdmfghtr]

In this day and age of "Information Warfare" you should consider every system for moving data vulnerable and take measures to ensure that attempting to steal that data would be more work than what it's worth.

In the case of physically moving backup high-value drives/tapes to off-site storage, that would mean an armored courier. That data is money to somebody, so protect it like money. Sure it's more expensive that the local Speedy Messenger cargo van, but so is losing control of the data.

Re:

[Thalagyrt]

This is standard military grade encryption. I work for the school, I know how our backups work. TFA is incorrect.

Re:

[guruevi]

I work at a University with a large medical site/hospital/research and I've worked in several businesses that have to have HIPAA or SoX compliance. The laws state and the legal advisors make sure you know this: if your data was encrypted and then lost disclosure is not mandatory and thus the agreement of the employer then takes over, if you disclose it anyway, you lose your job.

Another example: If you have a database, it is sufficient to only protect/encrypt one of the (i think it's five) identifiers to be

Re:

[pclminion]

Among things mentioned by others, it enables you to blackmail people who have sensitive medical conditions they don't want the whole world knowing about.

Crooks hoping for physical, got useless tapes

[spineboy]

More often than not, homeless people, and petty crooks just steal AYTHING out of cars hoping to get pennies on the dollar for whatever they stole. A nice looking, shiny case was probably thought to have some nice stuff in it, other than tapes. I bet the tapes are in some sewer drain or dumpster by now, and the case is being pawned for 5 dollars.

pretty valuable for cherry-picking risk pools

[ridgecritter]

If I ran a medical insurance company, those tapes could let me know whose applications to deny and whose to accept. Very valuable indeed.

Re:

[Crudely_Indecent]

The last time I bought tapes (SDLT2 600GB tapes) they were $80 each. $80 x 6 = $480

Beyond that, the value depends on how resourceful you are. If it were me (running across tapes..not stealing them) I'd spend some time getting to know the data involved. Then, I might start investigating parties who might be interested in that data.

Your average car thief doesn't have the skills or the thousands of dollars of equipment necessary to really utilize that data.

If I had to guess...the case was sold (if it was a

Hmm.

[Ethanol-fueled]

From TFA:

After learning about the data breach, the university contacted local computer forensics companies to see if data on a similar set of backup tapes could be accessed. Menendez said security experts at Terremark Worldwide Inc. "tried for days" to decode the data but could not because of proprietary compression and encoding tools used to write data to the storage tapes.

Proprietary compression and encoding tools? the article reeks of FUD but proprietary technologies still aren't without their faults...but eh, it's not like they used this "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0" [wikipedia.org], right?

Re:Hmm.

[Anonymous Coward]

When questioned further, Terremark employees answered, "what's EBCDIC?"

Re:

[cobaltnova]

Proprietary compressions and encodings: the poor man's encryption... Except that it costs a buttload

Re:

[DigitAl56K]

Encryption is never mentioned, and I believe if there had been any encryption that it certainly would have been, and that they would not even bother having someone try to decode data on a similar tape.

Re:

[Thalagyrt]

Proper protocols are followed.

"IT Security has been asked that all departments and schools verify that all backup tapes being sent offsite are encrypted. Tapes being kept within the University must be stored in a secure location, if they are not encrypted. If any unencrypted tapes have been sent offsite, please contact IT Security or myself."

I've said it twice now, just figure I'll reply to people here. TFA is incorrect, our tapes are encrypted, not encoded.

My new data security plan.

[Digestromath]

Physical Security: Lock the damn doors to the van when you leave it parked outside the Cheesy Burger.

Multi key, multi volume encryption: Lock each of the tapes in a different cabinet in the van, each with a different key.

Security through obscurity: Remove large sign on van reading "Secure Data Transport, 'Transporting your valuable data since 1991'" replace with "Flowers By Irene"

Introduce comprehensive staff security training: Hold their families hostage, and tell them that if they lose the data

Re:

[bev_tech_rob]

You're joking, right? These couriers probably visit over 100 different businesses each day loading up with boxes of tapes and printouts for storage and/or destruction. You can't possible think that the courier's driver, being paid a little over minimum wage; is going to take the time to sort out tapes and put them in different bins. They grab the boxes, throw them in the back of the van and move on to their next stop.

The customer of said courier needs to make sure that sufficient encryption is in plac

*Still* no encryption??

[DigitAl56K]

There needs to be a law regarding data encryption. Virtually every time data is stolen, be it on CDs, laptops, backup tapes, missing hard drives, and so forth, it is not encrypted. In fact, I can think of only one case that has made press in the last 4-5 years that I can remember encryption being used to safeguard the data.

Transporting confidential data off-site via any medium, including the Internet, without industry-recognized encryption (not something that is proprietary and untested) ought to be a criminal offense with severe penalties.

TFA talks about proprietary compression and encoding and not about encryption. I simply do not believe that it is difficult to recover that data - whatever proprietary software wrote those files can be obtained from somewhere for a price. You can probably Google the file extension or some information in the header to determine the format and/or software.

"The university feels confident that the person who took [the tapes] doesn't know what they have."

They do now!

"Even though I am confident that our patients' data is safe, we felt that in the best interest of the physician-patient relationship we should be transparent in this matter."

That data is not safe. At best it is in an obscure, but not secure format.

It's incredible, really. Since TrueCrypt 5.0 arrived,I don't even carry my work laptop or flash drives around without either full disk encryption or encrypted container files on them, and they do not contain anything as sensitive as 2 million medical records.

Re:*Still* no encryption??

[WaltBusterkeys]

You can probably Google the file extension or some information in the header to determine the format and/or software.

Not everything is on Google. If we're talking tapes, we're probably talking old mainframe-level systems. That means the problem might even be at the level of accessing the tape at all. The data coming off the tape is still just a string of ones and zeroes to them.

This isn't a question where they've got a file sitting on their desktop called "Data.abx" and all they need to do is figure out what program creates an ".abx" file. In all likelihood, there's an old custom or semi-custom mainframe system that wrote this to the tape that didn't format in FAT32. (Nor would it make sense to even both with a filesystem on this type of backup system -- you're not backing up files, you're backing up a database.) From looking at a stream of data dump, there's no way to immediately make sense of it. If there's no file headers, there's not as much of a clue as to where to start. It just looks like an endless string of hex (2 million records is a lot of data).

Somehow I doubt that this is just an Access file, sorry. Or even a SQL dump. They're not complete idiots.

Re:

[Xtravar]

Somehow I doubt that this is just an Access file, sorry. Or even a SQL dump. They're not complete idiots.

Chances are, since it's a health system, it probably uses a post-relational database, typically of this variety: http://en.wikipedia.org/wiki/MUMPS [wikipedia.org]

Which means the file format could be anything...

I'm just glad they're not our customer. 8-)

Re:

[stephanruby]

Not everything is on Google. If we're talking tapes, we're probably talking old mainframe-level systems. That means the problem might even be at the level of accessing the tape at all. The data coming off the tape is still just a string of ones and zeroes to them.

Actually, this is not rocket science.

You could hook up/jerry rig any tape player that's remotely close to the backup tape in question, in terms of size and reading area of the magnetic head (the magnetic head could be bigger too), the rotation s

Re:

[stephanruby]

LTO4 includes on-tape encryption as part of the spec. These'll be modern tapes (which are still very much in use).

Forget my previous post, if this university was located in my jurisdiction, it may not even be legally required to notify anyone about its loss (although, I couldn't be sure about that since I do not work in a Medical field). So please, someone chime in if you know about that.

Re:

[filthpickle]

I work for an insurance claims clearinghouse. The company I work for takes the HIPPA laws very seriously. One big mix up with patient data and no matter how good you are nobody will want to use you.

2 million lost records is a lot, so just about any company would be compelled to own up to it...and they really aren't at risk here since they didn't knowingly or recklessly (geek level arguments about data transport aside) release the data.

Since they didn't technically violate any HIPPA laws, I don't think that

Re:

[budgenator]

HIPPA is the 800 lbs gorilla in healthcare IT and I believe that unauthorized release of identifiable medical data is a $50,000.00 fine; I'm not sure if losing backup tapes with 2 million records is one release or 2 million releases! I expect lawyers to get rich on this one when it goes class action, that's when everybody on the tapes will get notified.

Re:

[stephanruby]

HIPPA is the 800 lbs gorilla in healthcare IT and I believe that unauthorized release of identifiable medical data is a $50,000.00 fine; I'm not sure if losing backup tapes with 2 million records is one release or 2 million releases! I expect lawyers to get rich on this one when it goes class action, that's when everybody on the tapes will get notified.

But that's the point, that tape they lost was encrypted (apparently to a high enough level). The contingency plan was this encryption. The system looks like

Re:

[asc99c]

Lots of new mainframe level systems still use tapes. Many customers prefer tape drives for backup of any sensitive data - it means that you don't have to put the systems on the open internet to get offsite backups done. While tapes aren't the most robust medium for constant access, it's a very good format to write to and throw into a store room for backups.

Remember also hardware-wise, tape is still a pretty interesting format. LTO [wikipedia.org] currently uses 800GB tapes with 1.6 and 3.2 TB versions planned. The 120M

Re:

[mwvdlee]

If we're talking tapes, we're probably talking old mainframe-level systems.

Tapes are still the norm for large-scale backup.
Unless you still consider GB-sized files to be "large" ofcourse, in which case other technology might suffice.

Re:

[urcreepyneighbor]

They're not complete idiots.

Famous last words. :)

Always assume the person is a complete idiot, unless proven otherwise.

Re:

[Chris Mattern]

They're not complete idiots.

We believe they may be lacking some critical parts.

Re:*Still* no encryption??

[jimicus]

Why would you still use antiquated mainframes for your backups, particularly if it's 2 million records? If something happened at your site you'd need a similarly antiquated mainframe just to get your data back. That makes very little sense.

Three reasons:

1. It works.

2. IBM (assuming they are using IBM kit) mainframes are still being built today, and while they're totally different internally to the systems of 30 years ago, they're still compatible.

3. This is what companies like SunGard and IBM (yes, they have a DR consultancy team) specialise in. You tell them what equipment you'll need in a disaster recovery scenario, they agree to loan it to you. In which case, who cares how old the system is?

Re:

[jabuzz]

Assuming it is an IBM mainframe, it will be LTO or 3952, anything else and it might also be a DLT/SDLT variant. The market is rapidly converging on LTO, and the latest iteration LTO4 offers on drive encryption of your data. As has any decent enterprise backup software for like a decade.

Nobody uses 9" real to real tapes these days.

Re:

[apathy maybe]

I knew that I would see a post saying something like this.

Yes encryption is a great thing and should be used all the time, especially on laptops. Well actually, there is one time when it *shouldn't* be used (or at least, not automatically). Want to know when that is?

For backups. Want to know the easiest way to render your carefully planned backup system useless? Forget the password for the system and not have another way in.

Oh sure, they could just write down the password (which is a good option often), but

Re:

[jimicus]

I knew that I would see a post saying something like this.

Yes encryption is a great thing and should be used all the time, especially on laptops. Well actually, there is one time when it *shouldn't* be used (or at least, not automatically). Want to know when that is?

For backups.

THANK YOU. I'm glad I'm not the only person who thinks this.

The backup software I use (http://www.bacula.org - a fantastic piece of work) does have the facility to encrypt everything.

But I've considered the risk to the business in the event of tape loss versus the risk to the business in the event that we can't decrypt the data because for whatever reason the office has burnt to the ground and the offsite copies of the keys aren't recoverable.

I concluded that if it's a choice between explaining a lost tap

You keep your backups safe - why not your keys?

[Animaether]

Anybody who uses encryption wisely knows that they should guard the key with their life (not literally), not just from being stolen but also from being -lost-. That typically includes keeping a second set of the keys (protection against loss; unless both sites are hit at the same time) somewhere only you know about (protection from targeted theft) in a way that makes it nigh impossible to determine what they're for (protection from random theft); or just useless once realized they're compromised (change th

Re:

[zippthorne]

Photometer data, seismic measurements, tide levels, temperature logs, astronomical images, ephemeris data, past lotto numbers, emergency procedures, core sample measurements, and many others are all examples of things that shouldn't be encrypted. (and should probably be stored in plain ASCII delimited lists, uncompressed as well, if possible)

Identifying information about real people does not fall on that list. It's not really *your* information to lose. It is far better that you should forget a key and h

Re:

[ErroneousBee]

Do you inform your customers that their data is shipped to remote sites unencrypted?

Yes, failure to restore due to password loss is a risk, but then so is data escape.

Having identified the password issue, you need to have a scheme to protect against password loss, particularly long-term backups. Just not encrypting replaces one problem with another.

Re:

[PapaZit]

Consider the relative difficulty involved in sending an occasional tape to your offsite facility that's clearly labeled "backup decryption keys".

You're using the same facilities that you trust for your other backups. Recovery is relatively straightforward. Only now, if a tape goes missing on its way to the facility, you don't have to worry as much.

(Yeah, I know that some of you send a dozen tapes to different facilities guarded by warring factions of ninja assassins and you encrypt your encryption keys su

Re:

[firewood]

Print the keys out on paper and stick them in a fire proof safe, taking copies to a bank vault far offsite well before shipping a set of backup tapes using that key. It's not like even a 4096 bit key takes more than a page.

Re:

[Chris Mattern]

You have a very good point. I would say that backups that stay in the data center and are just shelved back in your tape vault should *not* be encrypted. Backups that go outside the high-security area of your data center or pass into the hands of people who shouldn't be reading them (and your off-site storage people may be trusted to hold your backups, but they still have no business reading them) need to be encrypted.

Re:

[DarkOx]

Not to mention anyone who has worked with tape knows its not usually the most reliable media. One of the main reasons your rotate through multiple backups is because you exepect unrecoverable CRC errors and like from tape. You go to your next oldest set and pull whatever file/files/database you could not get from the bad set of tapes and pull that from there. When you do major upgrades or equipment moves where the expectation of needing the backup go up good admins will want the prior two backups in the

Re:

[jabuzz]

I would add to this that every enterprise backup system that I know of has had the ability to encrypt the backup for ages. It's number six on the Tao of Backup, and that is 11 years old.

If the contents of your tapes are encrypted it matters not if they go missing.

Relative Risk

[PIPBoy3000]

I work for a health care organization. We ship our backups off-site just like these guys. When it comes to encrypting hard drives, what you say makes sense. When it comes to backup tapes, it's not going to happen. The main reason is that encryption is slow. If I have to restore 500 GB of data and decrypt it, suddenly you're telling physicians that they can't get to the patient information they need to treat the patient even later than before. If someone loses the encryption keys, the information patie

Re:

[ColdWetDog]

Bah, I would disagree. And IAAP (I am a physician) - who has worked in IS intermittently for decades.

First, if your recovering from an off site backup tape, something went down and it's going to take a while to get it running again. Decrypting can't add much more than 20 - 30% (number pulled from appropriate nether region) to the time. If it does you need to upgrade those C-64's you're using in the server room.

Second, if the data is bulk stuff going off site, it's obviously not a primary rapid-respons

Re:

[The Second Horseman]

Ok, so, let's say you've got a regulatory requirement to keep certain records for a long time (medical records are a good example of this). And you've got to guarantee that you can recover them no matter what. Even if the hospital is reduced to a smoking crater, or the actual company that made the backup software (or encryption software) went out of business 20 years ago. You could have a problem with conflicting regulations. You also have to factor in everything that could go wrong with the encryption syst

Re:

[Thalagyrt]

All of the university machines have full drive encryption on them using, you guessed it, TrueCrypt. The drives will look like garbage to anyone who sees them.

The data put on our tapes is fully encrypted, and on top of that encoded with wtfever our tape backup system uses.

Do not panic

[Psychotria]

A University spokeswoman said the school has stopped shipping backup tapes off-site for now."

Well, I am sure that makes everyone sleep a little easier tonight--it's obviously all under control.

Even better

[Psychotria]

"The university feels confident that the person who took [the tapes] doesn't know what they have. Even if they do know what's contained inside, it's very difficult to extract that information," remarked Menendez.

I am sorry Menendez, but difficult for who exactly. Your school is not unique, nor is it the pinnacle of knowledge (no school is). If we could decrypt things 50 years ago, how is a "compression" method hard to work out?

Re:

[MMC Monster]

And if it's worth 20+ million (at $14 per identity * 2 million individuals), I'm sure they can rent the help of some black hats to help them decode a tape from a proprietary system.

Re:

[Psychotria]

You're saying the same thing as me. Compression can be viewed as a weak encryption (and a relatively easy "encryption" to decode).

2 million records, or people?

[pclminion]

The article is very careful to phrase it as "2 million medical records." I somehow doubt that this means the medical records of 2 million separate individuals -- if it did, surely the news outlet would have said so, as it is much more dramatic. I bet a "medical record" is a single row in the database, and what was really stolen was a DB with 2 million records (as in "rows") in it. I seriously doubt the medical records of 2 million people are all collected on a single set of tapes.

Re:

[palewook]

Whoever had the hardware sitting in a car, needs to be fired and then sued by every person affected.

Re:

[MichaelSmith]

If it's Windows just start with Arcserve, Backup exec, etc... If it's UNIX just start with cpio, tar, dump, etc...

Strings [ed.ac.uk]

Old school

[LoudMusic]

Tape is so last millennium. Anybody who's anybody backs up to hard drives across the internet.

Re:

[account_deleted]

Comment removed based on user account deletion

Who waited how long?

[Skapare]

Let's see here. Archive America waited 2 days. Then the university waited 27 more days. Who needs to do the most explaining?

Proprietary compression?

[Skapare]

Proprietary compression cannot be cracked? I can tell you that this can be hard to do. And this is from experience. I once worked at a company where a project one year involved writing some programs to extract data from files stored be various competitor products to enable customers to easily migrate to our products. I was given the one that the managers thought wasn't even possible to do, because the data look like gibberish (because, unknown to them at the time, it was compression). It took me FIVE w

In 2025 those will still be valid SS numbers

[plantman-the-womb-st]

Get your most closely kept personal thought:
put it in the Word .doc with a password lock.
Stock it deep in the .rar with extraction precluded
by the ludicrous length and the strength of a reputedly
dictionary-attack-proof string of characters
(this, imperative to thwart all the disparagers
of privacy: the NSA and Homeland S).
You better PGP the .rar because so far they ain't impressed.
You better take the .pgp and print the hex of it out,
scan that into a TIFF. Then, if you seek redoubt
for your data, scramble up the order of the pixels
with a one-time pad that describes the fun time had by the thick-soled-
boot-wearing stomper who danced to produce random
claptrap, all the intervals in between which, set in tandem
with the stomps themselves, begat a seed of math unguessable.
Ain't no complaint about this cipher that's redressable!
Best of all, your secret: nothing extant could extract it.
By 2025 a children's Speak & Spell could crack it.

You can't hide secrets from the future with math.
You can try, but I bet that in the future they laugh
at the half-assed schemes and algorithms amassed
to enforce cryptographs in the past.

Re:

[schmiddy]

Correct Attribution:
Artist: MC Frontalot
Title: Secrets from the Future

Full lyrics: here [actionext.com].

Parent omits the second half of the song.

Re:

[Dr_Barnowl]

The math sayeth ; you are wrong.

Mathematics are about the one part we can have certainty in.

Nothing can crack a one-time pad ; not a real one with proper random numbers. Not even a quantum computer could do it.

Other than that, a nice poem :-)

Re:

[plantman-the-womb-st]

Actually I don't lock my door, or my car for that matter, and you're welcome to my SSN (488-22-1086) I have the worlds *worst* credit score good luck using it for fraud... but that's beside the point. The point is not that I don't care about security, but that the GGP(parent to my Frontalot quote) was saying *gasp* it might take 5 months! So? why would the thief care how long it took? I wouldn't if it was me. I mean hell, in three years those SSNs will still be valid, the Gub'ment don't reissue those yo

Tape encryption is avaliable for all, use it.

[vallef]

Hopefully people will use tape encryption now, it's been available for years. As I am afraid that tape is still the most efficient for moving large amounts of data. Also the tape encryption is uses very strong algorithms e.g. AES-256 etc.

Some vendors like Sun and IBM give the key management stations away for free if you use encryption. People just do not understand how hi-tech tape is nowadays. Everyones perception of tape is old DAT, people need to look at Sun T10000, IBM TSxxxx or LT04. If you are

Re:

[Skapare]

What we need to do is get a law passed that mandates strong encryption and proper key handling for all qualifying data (anything with personally identifying information, including SSN, bank account numbers, CC numbers, health information, etc), held by any entity (corporate, organizations, governments), that is transported, transferred, or exchanged offsite by any means (tapes, disks, internet, private data circuits). There should be a minimum violation penalty for cases where the data was not stolen or ta

Re:

[budgenator]

How do you fine a government agency?

Alternatively, how do you fine the employees of a government agency if there aren't any, because no one was crazy enough to expose themselves to getting fined while working at government rates?

No you just promote them to Information Technology Liaison
Person for the Distant Early Warning Station 150 Km north of Where-Polar-Bears-Shit-On-Ice, Canada for a nice stable 3 year tour of duty.

Re:

[ToasterMonkey]

Some vendors like Sun and IBM give the key management stations away for free if you use encryption

Who gives them away for free? IBM, SUN, or HP?
Enterprise grade encrypting tape drives cost as much as a SUV anyway, so I wouldn't think they're above this tactic, I just haven't heard of it.

The cheap end, LTO4 encryption, is still way too new. Search the links for LTO... Give it a year or so before major backup software natively supports it well. If you just want your tape library managing the encryption keys, well, have at it I guess.
IBM [ibm.com]
SUN [sun.com]

I think the best bet for cheap, solid tape encryption at the

Read the important words

[ZorbaTHut]

"For now".

I highly suspect this translates as "until we think people have forgotten about this". Why fix the problem when we can just pretend it's gone away?

Time for Brinks

[Statecraftsman]

It shouldn't be easy to steal these things. It's time valuable data is treated like it has value. That means armored vehicles for transport.

Maybe they should list SSNs, Birthdays, and Addresses in the foreign exchange markets so people will get a clue.

How many times does it have to happen?

[barzok]

It's going to keep happening. This sort of sloppy data handling is going to continue until there's proper incentive to protect data. And that means (IMHO) crippling penalties for those involved. Penalties so immense that the business nearly goes under. Penalties for the individuals who allowed unencrypted data to be put at risk - not just the peons swapping tapes, but the executives who didn't mandate/allow proper procedures. All the way up the food chain.

This stuff has to be taken seriously, but right now

Re:

[SRA8]

If people cared enough, they would reach out to their lawmakers and have such a law passed. California's laws were a start, but we have a ways to go. I have reached out to my representatives, but clearly it isnt a priority for most, or we'd already have laws.

Re:

[pclminion]

Why do you want to punish the underling who was ordered to transport something probably without even being told what it was or how important it was? This sort of thing is the job of an armored car. For wanting to punish the least responsible party involved, you are an asshole.

Re:

[budgenator]

The Hospital hired an experienced, insured and bonded company specializing in document storage and retrieval services for the Medical Legal and Business comunities.

Re:

[barzok]

And yet they were still able to fuck it up beautifully.

Totally unnecessary

[Sir_Real]

I wonder if the HIPPA compliance officer got canned. Why the hell wasn't this data encrypted?

Why Uni need 2 Million medical records in 1st pl.?

[Adeptus_Luminati]

Mr. Obvious asks:

What does a University need with 2 Million medical records? Since when did patients agree that Universities could have a copy of their information?

Re:Why Uni need 2 Million medical records in 1st p

[Thalagyrt]

University of Miami partially runs one of the largest hospitals in Miami, Jackson Memorial.

Ever heard of encryption?

[gweihir]

Apparently not. Incompetents.

I've never been happier...

[thegnu]

I've never been happier to be unable to afford to go to a doctor. :D

Oh, fuck yes.

Re:

[DigitAl56K]

All they need to do is create a TrueCrypt container or the like and write the data to be backed up into it before copying it to the archival medium. Then you don't need an armored vehicle, or even a stun gun. You could literally walk down the street with a disk in your hand inviting people to steal it, because it wouldn't matter at that point - the data is secured to such a degree that it is questionable whether even the government could access it. Of course, you wouldn't handle the archive that way regardl

Re:

[zippthorne]

It's a tape backup. they don't even need truecrypt. They could just pipe it through openssl.

Re:

[zippthorne]

I imagine the armored car companies refuse to transport them: the tapes are considerably more valuable per volume than anything else in the truck, and may be more valuable than the entire truck (if it's transporting mixed bills, for instance)

It might be that the armored car companies don't want to increase the profile of their trucks that much. The security is designed to make attacks more costly than the contents, which is defeated by transporting things of too significant a value.

Re:

[The Second Horseman]

Yes, in fact, you can. I know of one data destruction company in NJ that will work with Dunbar Armored and can transport stuff from most areas to their facility. However, that type of transportation could be well beyond the budget of many organizations.

Re:

[budgenator]

The Hospital would rather hire a licensed, insured and bonded contractor that is responsible for picking the tapes up at the Datacenter door and delivering to the Datacenter door when needed. This fuck-up is probably Archive America Ltd's [archiveamerica.com] responsibility by contractual agreement and they aren't some fly-by-night newbie but an established company with lot's of experience in the field so pleading ignorance isn't going to work for them.

Re:

[owlstead]

Well, now they do...

Has nothing to do with medical staff

[filthpickle]

Medical staff and any other people untrained in information security just aren't going to have the computer literacy or "computer common sense" to handle millions of peoples' medical records adequately.

But it's all in the name of tracking your every move, so I guess it's OK.

Your network should be secure (they don't set that up)

The software they use should be secure (they didn't write it)

The method you use to transmit your claims should be secure (they don't set that up)

All you have to tell them is "don't email claim/medical record files" I have taught literally hundreds and hundreds of shockingly stupid people (the people at your doctor's office or the hospital that do the billing are almost certainly the lowest paid people in the chain...in the ballpark of minimum wage) how

Re:

[v1]

I've seen it work both ways, but normally, archive companies are supposed to be more responsible than Joe Watercooler, and that's what you're paying them for so they should know what they're doing. Employees are sloppy with tapes and sometimes don't use common sense. They'll stop for groceries on the way home from work and leave the car unlocked. They'll toss the tapes on the floor when they get home and the dog will chew-toy them. They'll set them on top of the radiator or their computer monitor.

As far

Re:

[budgenator]

Our dental office has about 432 cubic feet of unused records with a data retention period of 30 years and it grows at about 9 cubic feet a year; I would love for everything to be on tape or even a pile of CD's!

Re:

[budgenator]

the way I understand it is,
3 years statute of limitations of litigations, (Malpractice),
7 years statute of limitation for tax liability (IRS and dentists get audited a lot),
30 years for OSHA and some FDA required records for medical devices (Dental implants and sleep apnea and anti-snoring devices and anything of foreign origin); so the ADA just recommends 30 years for everything.

Re:

[Renraku]

Lets say Employee A decides that he'd make a good off-site backup person. Lets go on to say that he's an honest hardworking man who has no intention of making a million overnight by copy/pasting the data and shipping it to some benefactor.

The tapes come up missing. Employee A is fired, jailed, and probably sued for everything he's worth as he only has $20 an hour or so for the past 5 years to hire a lawyer with. Supervisor A is fired, Manager A might be fired too..because they both knew about it. People

Re:

[qzulla]

This is so wrong I don't know where to start.

qz

Re:

[qzulla]

Poster actually meant GPS. I use it all the time.

qz