Here's another comment I received after filing the story:
Even in large complex organizations, the threat of data breaches is determined by the weakest link, which may be a small organization that is a business partner. With healthcare organizations increasingly adopting electronic medical record systems and automating transaction processes, we may see more frequent and disruptive breaches in this sector, at a time when healthcare organizations are trying to get patients, physicians and partners to adopt electronic records and processes.
So healthcare CEOs have to recognize that effective information security management is crucial, not just internally but also in processes involving external stakeholders and open networks.
Professor Amit Basu
Carr P. Collins Chair in MIS
Chairman, ITOM Department
Cox School of Business
Southern Methodist University