Archive for September, 2013

Data Breach at Hope Family Health

September 8th, 2013

An unencrypted laptop containing 8,000 patients’ personal information was stolen which was under possession of a finance department employee of Hope Family Health of Westmoreland, Tennessee.

Patients who visited the organization between 2005 and August 2013 were notified via mail that their names, Social Security numbers and dates of birth have been potentially compromised as a result of the breach. “The information was password-protected; however, it was not encrypted. We don’t believe that anyone’s information has been accessed or used in any way that could cause harm.” said Chief Compliance Officer Joey Forman.

The laptop has yet to be recovered and though Hope has advised patients to check up on their credit and identity monitoring, it didn’t offer a year of free monitoring or a similar program. Hope has said that it has augmented security by moving all protected health information over to a state-of-the-art encrypted database server. “We have spent a lot of money and time to avoid anything like this from ever taking place again,” he said.

Since the theft, Hope Family Health has taken several measures to increase security, which included moving all protected health information over to a state-of-the-art encrypted database server, said Forman.

“We have spent a lot of money and time to avoid anything like this from ever taking place again,” he said.

Those whose personal information is included in any data breach should place a fraud alert or security freeze on their credit reports to help protect against new account fraud, said Michele Cacdac-Jones, spokeswoman for Equifax, a credit-monitoring company. Affected individuals should keep an eye on their credit and financial reports regularly, as identity thieves sometimes take a year or more to use someone’s information, she said.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

9,900 patient data breach at Holy Cross Hospital

September 3rd, 2013

Holy Cross Hospital in Fort Lauderdale, Florida had sent a notice to 9,900-patients about a data breach that occurred between November 2011 and August 2013.

Holy Cross is accredited by the Joint Commission and was the first hospital in Broward County to be designated as a Magnet Hospital by the American Nurses Credentialing Center.

Patient names, dates of birth, addresses and Social Security Numbers were accessed by a Holy Cross Hospital employee. A hospital investigation found that the employee intended to use the information for fake tax return purposes. “The employee was terminated, and efforts are underway to prosecute this individual to the fullest extent possible. Holy Cross Hospital takes this issue very seriously. Although evidence does not indicate that the patient information was used for other forms of identity theft and fraud, all patients affected by this incident have been notified by mail and are being offered free credit monitoring services.” the hospital said in a statement.

The employee who stole the data was fired by the hospital and said it wants him to face criminal prosecution. It also arranged a dedicated call center for affected patients who had questions regarding this data breach incident. It was hard to make out from the reports how the records were accessed, whether they were on paper or electronic, what rules the organization had in place to prevent this type of breach and how it plans to avoid similar incidents in the future.

Healthcare organizations need to act as their own watchdogs, so to speak, to protect their patients and themselves from the dangers of a data breach. Getting all the laptops and systems encrypted will also help them protect their data.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta