In the year since the breach notification rule for personal health records took effect, no major breaches affecting 500 or more individuals have been reported, according to the Federal Trade Commission.
Despite efforts to tighten security to prevent such digital invasions, the military understands such breaches could still occur, which led Lynn to say the military must develop and train its cyber defenders to act in a degraded information environment.
"Any conflict we see going forward is going to have some element of cyber warfare and we need to make sure that we've prepared and developed our military capabilities to sustain that," says Defense Deputy Secretary William Lynn III.
"It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary," Deputy Defense Secretary William Lynn III writes in Foreign Affairs article.
The only state attorney general in the nation who so far has used his new power under the HITECH Act to sue a healthcare organization for HIPAA privacy and security rule violations is keeping a close eye on breaches of all sizes.