Healthcare startup issues breach notification, announces shutdown on same day
- A California-based health startup discovered a breach March 7
- Exposed data included names, phone numbers, dates of birth, medical histories, health insurance information, and more
- Seven weeks later, the startup announced it was shutting down
California-based healthcare startup myNurse on April 29 announced that it was shutting down after issuing a data breach notification to its patients.
As TechCrunch reported, “myNurse said in the data breach notice that its decision to shutter its business ‘is unrelated to the data security incident,’ but did not provide a reason for the unexpected shutdown.” Whether this breach was actually “the straw that broke the camel’s back” isn’t entirely clear, but it’s safe to say it couldn’t have helped a fledgling business.
So although we can’t directly attribute the business’s failure to the breach, it’s important to take note that not every company is built to withstand a serious security incident. Which is why it’s critical to ensure you have the appropriate security and data protection measures in place.
A Breach Too Far
News of data breaches and other cyberattacks have become uncomfortably common in recent years. Most businesses seem to understand the risk–how could they not with each new headline?–but when it comes time to act, fewer take the proper security measures to protect themselves and their customers.
Part of the reason behind this is that risk can be difficult to quantify, and although nearly everyone claims to care about brand reputation and trust, many companies that suffer data breaches have banked on the short memories of their customers to help them weather the storm.
Without naming names, some of the biggest breaches of all time have been only a bump in the road for organizations that are too big to fail. However, not every business is breach-proof.
Technologies like encryption, and especially tokenization, can reduce the risk of data breaches, exposures, and theft. When implemented properly, these solutions can virtually eliminate data theft and simplify compliance with common regulatory obligations such as the Payment Card Industry Data Security Standard and the Nacha Operating Rules and Guidelines.
Tokenization specifically removes sensitive data from an organization’s environment and replaces it with nonsensitive tokens that preserve much of the utility of the original data. So even if an organization’s internal systems are breached, no sensitive data will be exposed because none is available.
To learn more about how the TokenEx platform can reduce risk and streamline compliance, contact us today. We’d love to learn more about your business and how we can help.