Paying Prices for Swiped Devices

Addressing the Issue of Medical Identity Theft from Unencrypted Stolen Laptops

Hospitals are plagued by constant attempts at information hijacking. In the face of increased malware threats, there is an incentive to shift focus in healthcare security toward digital breaches. But hospitals would be wise to continue attending to traditional sources of breach liability, like laptop theft, which are much more common and can have similarly damaging effects. Despite federal regulations’ best efforts to curb them, these issues persist. This Note analyzes potential solutions from three angles—regulatory, legislative, and judicial—to determine what can best motivate health systems to proactively prevent such breaches. I suggest and explore several options, including a regulatory mandate on laptop encryption, legislation inspired by the European Union’s recent data privacy laws, and loosened standing in threat of future harm cases.

The full text of this Note is available to download as a PDF.