In information security there are two common terms (data privacy and data security) that are used. Most people assume they mean the same thing however they do not. Data security is the term used to define the walls set in place to protect the data a company has so that the availability is limited to the company and not to an outside, unknown source. Data privacy is more of the policy a company has to follow when handling data that has been given to them. The reason why people get them confused is they do go hand in hand with each other. You cant very well have a well placed privacy policy if you dont have a security system in place. A big problem though is even if you have well placed data security measures, they may not be enough. That is why data privacy is just as much of a key factor as data security. In the healthcare department, most hospitals allow a patient to login online to see there test results. What most people dont realise is that is actually pretty unsafe. Once you have accessed that data from your computer, you have brought that data outside of the hospitals firewalls and encryption. If you stored those test results onto your computer it would be very easy for a hacker to gain access to those documents versus going through a hospital. Along with this, hospitals face an issue of whether or not to centralize or decentralize data. What do you think they should do?
Click to access secprivhealthit.pdf
http://blog.eiqnetworks.com/blog/bid/313892/The-Difference-Between-Data-Privacy-and-Data-Security
abowerblog 