Ponemon Institute
Sign Up for the Ponemon News Feed for special reports and important updates regarding privacy and security

News & Updates

Tag: risk assessment
Third Annual Patient Privacy & Data Security Study Released
December 6, 2012, 6:00 am

Could BYOD increase the risks of a healthcare data breach and medical identity theft? The third annual study on Patient Privacy and Data Security reveals the explosion of mobile devices used in healthcare organizations. Most organizations in our study say they permit their employees to bring personally owned devices such as smart phones and tablets and connect to their networks or enterprise systems. While productivity may increase, so does the risk that patient data may end up in the wrong hands. In fact when asked, these organizations admit they are not confident they can make sure these devices are secure. What should hospitals do today? Conduct a privacy risk assessment to identify organizational gaps and create a comprehensive mobile device policy (including detailed guidelines) for all employees and contractors. The policy should address the risks and the security procedures that should be followed. They should also reinforce their mobile device policy with employee education on the importance of safeguarding their mobile devices and how to avoid risky behaviors.  For a copy of the study, please click here:

Understanding the Methodology and Staggering Costs in the Annual Cost of Failed Trust Report
February 21, 2013, 12:00 am

Some staggering numbers

Every Global 2000 enterprise faces a total exposure of almost U.S. $400 million over 24 months due to new and evolving attacks on failed cryptographic key and digital certificate management. And adjusting for probability established by survey participants, we found every enterprise risks losing $35 million.
This findings cap our First Annual Cost of Failed Trust Report: Trusts and Attacks, which quantifies, for the first time, the financial impact of impact of new threats and attacks on our ability to control trust.

Complete study is available -

Security (23)
Privacy (22)
global security (1)
Providers (1)