I have never experienced a failure in maintaining confidentiality, integrity, or availability of information systems. However, as a statistician working in a hospital and work relate patient databases. Although I am not directly responsible for data security, as a data user, I am aware of the possible risks and their consequences.
If confidentiality is compromised, unauthorized access to patient information, such as medical records, can result in privacy breaches, legal issues, and loss of patient trust.
If integrity is affected, inaccurate or altered medical records could lead to incorrect treatments, harming patient safety and damaging the hospital’s credibility.
If availability is disrupted, the healthcare team might lose access to critical data, potentially delaying care and posing a life-threatening risk to patients in emergencies.
To prevent such issues
Confidentiality: Encrypt patient data and restrict access to authorized personnel only.
Integrity: Use audit trails and data validation methods to monitor and protect data from unauthorized changes.
Availability: Regularly back up data and ensure systems are protected from cyberattacks, such as ransomware.