Nude “before and after” photos stolen from plastic surgeon, posted online, and sent to victims’ family and friends::The FBI is investigating a data breach where cybercriminals were able to steal patients’ records from a Las Vegas plastic surgeon’s office and then publish them online.
deleted
There’s a difference between enabling encryption in the HD where you store client nudes, versus screaming that people should selfhost all their apps and only use their computers on a RAM disk that filters all traffic through Tor.
HD encryption only helps if they get physical access to the disk when the device is locked or powered off. If they get it via a backdoor or virus, then it doesn’t help.
That isn’t at all the argument presented by those opposed to “nothing to hide” mentality. You’re simply going from one extreme to the other, and presenting a strawman.
Yikes. What a weird, cruel thing for someone to do.
Found the info I was looking for in the article. The documents did not appear to be stored with any kind of encryption… so yeah this was terrible it happened, but it happened partially due to not spending enough on IT resources to guide them on proper practices for handling documents with confidential information and violated HIPAA. As someone who works in the field all patient information must be encrypted at rest or another form of encryption on the data must exist for it to fall within compliance. On top of this only the bare minimum amount of people should have access to this data and absolutely should have audit logs for anyone accessing the data normally through the 3rd party application used to store and lookup the information.
I hope they get the full fines
Let’s just all post our nudes and get it over with. You go first.
I’m not sure what do do about the before and after though. Any suggestions?
Just stick your tummy in and then out, like in the commercials
deleted by creator
Honestly the whole before/after nude photo aspect of plastic surgery feels so weird even if they’re never hacked. No other doctors do this with photos. And I get it, portfolio and all that, but at least offer a discount of something. But everyone? For medical reasons? Not even just kinda creepy, that’s meaningfully creepy. And as made evident by this breach, not even a little surprising that they have substandard information security policies. Anybody at the office could probably get access to the shared folder they probably stuff these into. And the doctor’s kids all probably know his crappy password that never changes. So so so many ways this could and will go wrong.
How do you track and improve impact and quality of work without before and after documentation?
Notes? Close-up wound/scar photos? Any number of ways every other doctor manages to handle it?
