 Analyzing the Vulnerability of U.S. Hospitals to Social Engineering Attacks: How Many of Your Employees Would Share Their Password?B. Dawn Medlin,
Joseph A. Cazier and
Daniel P. Foulk
International Journal of Information Security and Privacy (IJISP), 2008, vol. 2, issue 3, 71-83 Abstract: One of the main threats to keeping health information secure in today’s digital world is that of social engineering. The healthcare industry has benefitted from its employees’ ability to view patient data. Although access to and transmission of patient data may improve care, increase delivery time of services and reduce health care costs, security of that information may be jeopardized due to the innocent sharing of personal and non-personal data with the wrong person. Through the tactic of social engineering, hackers are able to obtain information from employees that may allow them access into the hospitals networked information system. In this study we simulate a social engineering attack in five different hospitals of varying sizes with the goal of obtaining employees passwords. 73% of respondents shared their password. This raises serious concerns about the state of employee security awareness in our healthcare system. Date: 2008 Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:igg:jisp00:v:2:y:2008:i:3:p:71-83 Access Statistics for this article International Journal of Information Security and Privacy (IJISP) is currently edited by Yassine Maleh More articles in International Journal of Information Security and Privacy (IJISP) from IGI Global |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.