UNCLASSIFIED (U) – TLP: WHITE PAGE 11 OF 11
1
Snell, Elizabeth, Ensuring Security, Access to Protected Health Information (PHI), Health IT Security,
https://healthitsecurity.com/features/ensuring-security-access-to-protected-health-information-phi
2
Schaeffer, Juliann, PHI: Valuable and Vulnerable, For The Record, Vol. 28 No. 3 P. 18,
https://www.fortherecordmag.com/archives/0316p18.shtml
3
Yao, Mariya, Your Electronic Medical Records Could Be Worth $1000 To Hackers, Forbes, Apr 14, 2017,
https://www.forbes.com/sites/mariyayao/2017/04/14/your-electronic-medical-records-can-be-worth-1000-to-
hackers/#7dccdd2d50cf
4
2018 Cyber Claims Study, NetDiligence, https://netdiligence.com/portfolio/cyber-claims-study/
5
2018 Cost of a Data Breach Stud: Global Overview, Ponemon Institute and IBM,
https://www.ibm.com/security/data-breach
6
Ibid
7
2015 Cost of a Data Breach Stud: Global Overview, Ponemon Institute and IBM,
https://www.ponemon.org/library/2015-cost-of-data-breach-global
and 2017 Cost of a Data Breach Stud: Global
Overview, Ponemon Institute and IBM, https://www.ponemon.org/library/2017-cost-of-data-breach-study-united-
states
8
2018 Cost of a Data Breach Stud: Global Overview, Ponemon Institute and IBM,
https://www.ibm.com/security/data-breach
9
Ibid.
10
2017 Cost of a Data Breach Stud: Global Overview, Ponemon Institute and IBM,
https://www.ponemon.org/library/2017-cost-of-data-breach-study-united-states
11
Lord, Nate, Top 10 Biggest Healthcare Data Breaches of All Time, Digital Guardian, June 25, 2018,
https://digitalguardian.com/blog/top-10-biggest-healthcare-data-breaches-all-time
12
2018 Cost of a Data Breach Stud: Global Overview, Ponemon Institute and IBM,
https://www.ibm.com/security/data-breach
13
Ibid.
14
Value in Healthcare, World Economic Forum, https://www.weforum.org/projects/value-in-healthcare and
Munro, Dan Munro, U.S. Healthcare Hits $3 Trillion, Forbes, Jan 19, 2012,
https://www.forbes.com/sites/danmunro/2012/01/19/u-s-healthcare-hits-3-trillion/#21f79b9d3da8
15
2018 Cost of a Data Breach Stud: Global Overview, Ponemon Institute and IBM,
https://www.ibm.com/security/data-breach
(p. 25 has a relevant discussion on customer churn caused by a
healthcare organization date breach)
16
2018 Cost of a Data Breach Stud: Global Overview, Ponemon Institute and IBM,
https://www.ibm.com/security/data-breach
17
There are several similar incident handling lifecycle models used across industries, and the one recommended in
this paper is based on the SANS Institute and is often utilized in the healthcare industry in particular
(https://www.healthcareitnews.com/news/7-best-practices-successful-incident-response-plan
), however a similar
but alternative plan can be found here: https://www.cso.com.au/article/600455/six-stages-incident-response/
18
2019 Cost of a Data Breach Stud: Global Overview, Ponemon Institute and IBM,
https://www.ibm.com/security/data-breach
19
https://www.cyberthreatalliance.org/value-collaborative-threat-intelligence-sharing/
20
2018 Cost of a Data Breach Stud: Global Overview, Ponemon Institute and IBM,
https://www.ibm.com/security/data-breach
21
Ibid.
22
The Global State of Information Security Survey 2018, Price Waterhouse Coopers,
https://www.pwc.com/us/en/services/consulting/cybersecurity/library/information-security-survey.html
23
2018 Cyber Claims Study, NetDiligence, https://netdiligence.com/portfolio/cyber-claims-study/