BACKGROUNDER:
It has been reported that the king of Spain has had his PHI exposed in the latest data breach. The royal was among thousands affected by the computer security failure of the Madrid health system. The breach meant people’s private data such as their telephone number, social security number and address could be accessed by just having their ID number, Telemadrid reported.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p>A data breach can be a royal mess for any company or person caught up in having sensitive PII or PHI apprehended and exposed. The news that King Felipe VI of Spain has had his personal health data compromised turns that into a Royal incident. No matter what role or station in life we occupy, our most sensitive financial and health information needs to be kept private. The most common ways of preventing this from happening, such as traditional perimeter security and classic encryption, don’t necessarily account for the fact that sensitive data may ultimately fall into the wrong hands anyway. For this reason, data-centric approaches to security such as tokenization and format-preserving encryption safeguard the data itself, and they do so in a way that means organizations can work with data (for mission-critical activities such as data analytics and DevOps testing) without de-protecting it. Enterprises handling and processing sensitive data should explore data-centric security as another valuable and necessary tool in their cybersecurity toolbox, because the fallout from a data breach can cost a king’s ransom in fees, fines, and reputational damage.</p>
<p>Fortunately the GDPR is a modern law and blind to the fact if the victim may be a king or a peasant, but it is good the incident has been reported and resolved. Seeing the comments made as to what data in fact were exposed, clearly personally identifiable data but a minimal amount of health data, the fact who some of the victims are seems to be used to inflate the impact of the incident which is sad – this would be just as bad with or without kings and ministers, and its been swiftly resolved.</p>