Obtaining Patient’s Information from Hospital Employees through Social Engineering Techniques: An Investigative Study

View Sample PDF

Author(s): B. Dawn Medlin (Appalachian State University, USA) and Joseph Cazier (Appalachian State University, USA)
Copyright: 2011
Pages: 13
Source title: Pervasive Information Security and Privacy Developments: Trends and Advancements
Source Author(s)/Editor(s): Hamid Nemati (The University of North Carolina at Greensboro, USA)
DOI: 10.4018/978-1-61692-000-5.ch006

Keywords: Information Science Reference / Information Security & Privacy / IT Security and Ethics / Security & Forensics

Purchase

View on the publisher's website for pricing and purchasing information.

Abstract

Social engineering can be briefly defined as the obtaining of information through deceptive methods. The intention of the action is to acquire information that will be of use in order to gain access to a system or use of information obtained from the system. There are benefits gained by allowing health care workers access to patient data, but the ability to maintain security of that information may be compromised due to the accessibility. Using methods such as social engineering, health care workers may innocently provide sensitive information without realizing that they have participated in the process of deception. This chapter addresses the issue of social engineering used to obtain health care worker’s passwords, as well as the laws that govern health care workers in relation to the privacy and security of confidential patient information.

The IRMA Community

Research IRM

Obtaining Patient’s Information from Hospital Employees through Social Engineering Techniques: An Investigative Study

Purchase

Abstract

Related Content

IRMA Sponsors