Skip to main content
SpringerLink
Log in
Book cover

Building a HIPAA-Compliant Cybersecurity Program pp 65–72Cite as

Apress

Who Wants Health Information?

  • Chapter
  • First Online:

Abstract

Threats represent the individuals, groups, and events that create adverse situations affecting the confidentiality, integrity, and availability of patient information. The human elements include state-sponsored groups, organized cybercriminals, other malicious outsiders, including hacktivists, and malicious insiders. Nonhuman elements include natural disasters or other human-made occurrences, such as terrorist attacks. The process of documenting threats requires the risk analyst to think about the actors and scenarios that threaten ePHI. These actors and scenarios take advantage of vulnerabilities that can lead to a privacy or security incident.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   49.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   64.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    NIST, “Guide for Conducting Risk Assessments,” http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf , September 2012.

  2. 2.

    Andy Greenberg, “Obama Curbed Chinese Hacking, but Russia Won’t Be So Easy,” Wired, www.wired.com/2016/12/obama-russia-hacking-sanctions-china/ , December 16, 2016.

  3. 3.

    Mandiant, “APT 1: Exposing One of China’s Cyber Espionage Units,” www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf , October 25, 2004.

  4. 4.

    FireEye, “APT 28: A Window into Russia’s Cyber Espionage Operations?” www2.fireeye.com/rs/fireye/images/rpt-apt28.pdf , 2014.

  5. 5.

    Jon DiMaggio, “The Black Vine cyberespionage group,” Symantec, www.symantec.com/content/dam/symantec/docs/security-center/white-papers/black-vine-cyberespionage-group-15-en.pdf , August 6, 2015.

  6. 6.

    Verizon, “2016 Data Breach Investigations Report,” www.verizonenterprise.com/verizon-insights-lab/dbir/2016/ , 2016.

Author information

Authors and Affiliations

  1. Lisle, Illinois, USA

    Eric C. Thompson

Authors
  1. Eric C. Thompson
    View author publications

    You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Eric C. Thompson

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Thompson, E.C. (2017). Who Wants Health Information?. In: Building a HIPAA-Compliant Cybersecurity Program. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-3060-2_5

Download citation

Publish with us

Policies and ethics

Search

Navigation