St. Joseph Health’s patients’ data stolen

July 10th, 2014 by admin Leave a reply »

St. Joseph recently took over Regional Medical Group’s imaging center and recent data breach shows example of what can happen after transition. Total of 33,702 patients were affected by this breach. A thumb drive was stolen from employee’s locker which was not locked during the incident. Information related to Encryption status of the thumb drive was not available.

Affected data due to breach includes patient names, gender, medical record numbers, date of birth, date and time of service and X-ray details. Affected patients were treated with X-ray services. The data was restricted to X-rays only. No other imaging exams — such as mammograms or MRIs — were included on the drive.

The stolen thumb drive did not contain information on specific illness or patient diagnoses nor did it include any patient financial information, including insurance data or Social Security numbers.

“We take our obligation to protect our patients’ privacy very seriously,” said Todd Salnas, president of St. Joseph Health in Sonoma County, to the Democrat. “We apologize to those patients affected and have already implemented a number of security measures and other protocols so that this doesn’t happen again.”

Salnas also added that St. Joseph would be putting new procedures in place to boost physical security, such as using new security personnel, improving employee awareness and implementing a new alarm system.

“We are in the process of standardizing the records from Redwood Regional Medical Group to St. Joseph,” said Salnas. “Not only the data but procedures and policies, which we’re still in the process of completing.”


Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Leave a Reply