Archive for January, 2014

1,100 Pediatric Patients’ Health Information breached after stolen laptop

January 7th, 2014

New Jersey’s Barnabas Health recently informed about an unencrypted laptop was stolen on September 24, 2013 from the Barnabas Health Medical Group’s Pediatric Specialty Center which is located in Livingston, N.J. Although the theft was discovered on the same day and police were notified for it but the laptop has not been recovered. Letters were sent to the affected customers.

The stolen laptop contained information which was attached to pulmonary function testing (PFT) equipment information on its hard drive. There is a possibility of data theft of patients’ names, birthdates, testing dates, testing results, physicians’ names, and other demographic information. More information like addresses, financial information or insurance or other identification numbers was not available on it.  Company has informed customers to report any unauthorized activity related to data breach.

Despite the laptop theft, any violation of personal information has not been reported to the company. Company stated availability of printout of PFT forms of the patients ensuring continuity of care and accessibility by the treating physician.

“Patients with questions relating to this incident should call 800-583-1191 between the hours of 9:00 AM and 5:00 PM. Barnabas Health Medical Group sincerely regrets this unfortunate incident and considers the security of patient information to be of utmost importance.” Barnabas Health mentioned in the notification to the customers.

Many measures have been added up like review of applicable safeguards and use against unencrypted laptops to avoid such incidents. Retraining of various patient privacy and security obligations and policies took place for employees of the centre.

Organizations can use encryption software like Alertsec Xpress to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

Stolen laptop leads to settlement by the Accretive Health

January 5th, 2014

Accretive Health working as medical billing and revenue management services vendor has agreed for settlement with Federal Trade Commission (FTC) due to allegations of inadequate data security measures which put consumer data at risk.

An accretive laptop containing sensitive information of 23,000 patients was stolen from employee’s car. FTC pointed out many discrepancies like failure to removal of unwanted data from laptop, failure of reasonable procedures in place and vulnerability of sensitive data while laptop is transported. More over they expected to have limited access to customer information by the employees.

Terms of the settlement agreed by the Accretive involved development and deploying a comprehensive data security policy that will be evaluated initially and every two years by a certified third party. Settlement will remain in effect for the next 20 years as per FTC.

To avoid such failures to take proper measures for the security may lead to penalty. To avoid such incidents it is preferred to have proper procedures along with best encryption software. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers.

Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta