P2P Networks Expose Health Information

This article in Secure Computing Magazine discusses the risks posted by P2P network software, primarily file sharing systems like LimeWire. Medical data is leaking at an alarming rate via tools like this, because they are difficult to control and have a tendency to reach out and collect data from everything they touch. While this article focuses on healthcare data being exposed, it is just one kind of information that is leaking. Financial records, social security numbers, and other data is at risk as well. Perhaps most importantly, passwords and logon credentials are leaking, putting additional systems at risk and threatening a chain reaction. Obviously, banning the use of P2P sharing software would be a good step, and most likely necessary for HIPAA compliance (or Sarbanes-Oxley compliance for that matter) but it is equally important to implement "view-only" systems that prevent the download of sensitive data in the first place, and to protect vulnerable networks and corporate software systems with authentication that can stand up to the loss of passwords and login codes.