Beruflich Dokumente
Kultur Dokumente
Table of Contents
Cyber Security Breach Incident: .................................................................................................................... 3
Security Functions: ........................................................................................................................................ 3
Recommendations: ....................................................................................................................................... 4
References: ................................................................................................................................................... 5
Cyber Security Breach Incident:
American Medical Collection Agency is a local organization that collects bill. It was known from
Aug. 2018, and March 2019, the data was being accessed from unauthorized sources. The security
breach was detected in the payment gateway of the agency. The breach was initiated from the
Quest Diagnostic Patient data. It is reported that the data of about 7.7 million consumers was
compromised due to this security breach ("Another 7.7M affected by American Medical Collection
Agency breach", 2019). The personal information, as well as the payment credentials of
consumers, were compromised as these details were obtained usually for the payments of medical
and other bills (Massara, 2018). LabCorp is the organization that reported the number of consumers
affected. LabCorp also claimed that no medical information was compromised but the personal
information and payment details were affected ("Another 7.7M affected by American Medical
Collection Agency breach", 2019). The case is still under investigation that how much data is
affected. AMCA is sending details and notifications to the consumers whose data is compromised
but still the agency is not providing details to the LabCorp about the amount of data affected by
this breach.
Security Functions:
The organization believed the requirement for any organization to establish security checks and
measures that have a web existence. The organization being discussed has also an online portal for
the information of patients. It is necessary for the organization to run penetration tests and security
checks to ensure firewall and protection of data ("Another 7.7M affected by American Medical
Collection Agency breach", 2019). The websites having confidential information must have
monitoring and surveillance as the entry point to the private network are these websites. A strong
firewall and secure website help to avoid such critical security breaches. The organization that
the idea of legally bound instead of usual agreement. The security can be established in such cases
by enforcing the legal binding of the contracts that cover protection from such incidents. In this
case, as the entry point to private network was from Quest Diagnostics so there is a dire need of
making such organizations aware and legit for cybersecurity (Rademaker, 2016). In the recovery
and protection phase, it was also suggested that the healthcare providers should not only enforce
legal binding of contracts but also, they should follow security policy by making on-site visits,
security assessment and video conferencing ("Another 7.7M affected by American Medical
Collection Agency breach", 2019). This will lessen the chance of such incidents in future. The use
Recommendations:
There are many cases of cybersecurity are reported every year but usually they are alleged of
compromised security. But in this case, the breach has nothing to do with the security of main
location of data (Rademaker, 2016). The entry point for breach of data was a sub-organization that
became reason of such a big breach of data where huge number of customers were affected
("Another 7.7M affected by American Medical Collection Agency breach", 2019). The health data
according to the contracts of cybersecurity (Rademaker, 2016). To avoid such incidents, it is highly
recommended to have security checks and penetration testing of websites to sustain the system
Rademaker, M. (2016). Assessing Cyber Security 2015. Information & Security: An International Journal, 34,
Another 7.7M affected by American Medical Collection Agency breach. (2019). Retrieved 14 September
Medical-Collection-Agency-breach