With over 650 physicians and 4750 staff support and volunteers, Lucile Packard Children’s Hospital is a world-class, non-profit hospital devoted entirely to the care of babies, children, adolescents and expectant mothers. According to the hospital a laptop containing medical information on pediatric patients was stolen from a secure area of the hospital.
The hospital has notified patients by mail that a password-protected, laptop was stolen from a secured, badge-access controlled area of the hospital and there are chances of data theft. Immediately following discovery of the theft, Packard Children’s Hospital launched an aggressive investigation with security and law enforcement.
The laptop contained operating-room schedules during a three-year period beginning in 2009. Hospital officials are not certain which operating schedules were on the computer. As of now, there is no information on whether the patient data has been accessed by anyone or if there has been any data breach due to the laptop theft. What is clear though that the information didn’t contain any credit card or financial information. Additionally, there were no SSN and confidential data of customers. However, it is quite possible that the laptop may contain patient records such as name, age, medical record number, telephone number, scheduled surgical procedure etc.
The officials stated, “Lucile Packard Children’s Hospital strives to be an industry leader in the area of medical information security. As a result of this incident, we are taking additional steps to further strengthen our policies and controls surrounding the protection of patient data to reduce the chance that an incident of this type will happen again”.
Data breach incidents have been consistently posing problems in the health insurance industry. The problems have accentuated because the professionals at health care industry have been slow in understanding the importance of data protection. The contrary belief that the medical data can’t be secured is nothing more than a myth. This incident should serve as an eye-opener to other experts from the health care industry.
Encryption software like Alertsec would have helped!
The use of encryption software would have helped to keep files protected on the computer. With encryption installed, none of the information or credentials would have been lost. Alertsec uses industry leading Check Point Full Disk Encryption (former Pointsec) software to create a web based encryption service that simplifies deployment and management of PC encryption
The best way to protect information stored on a PC is by using encryption. Alertsec Xpress offers full disk encryption and is therefore superior to other encryption methods when comparing security, performance, robustness and ease-of-use for both administrators and users.