Aventura Hospital suffers third data breach in two years

September 17th, 2014 by admin Leave a reply »

The data breach at Aventura Hospital has exposed 82,601 patients’ data from Sept. 13, 2012 to June 9, 2014. It occurred due to vendor’s employee stealing the sensitive information during that span. It is third breach for Aventura in the span of two years. Valesco Ventures, Aventura’s HIPAA business associate (BA) sent out alert notices to the affected patients.

The affected information included patient names, dates of birth and Social Security numbers, but the organization said that no financial or health information was breached. Incident occurred when Valesco employee inappropriately accessed patient’s information.

According to the Aventura, it will begin assessing how to mitigate patient risks going forward while organization is working with local and federal authorities on breach investigation.

According to the statement:

Valesco Ventures, which provides hospital physician staffing and related services to patients in hospitals, was recently made aware of a situation involving the possible theft of personal patient information from Aventura Hospital and Medical Center. We are committed to the security of patient information, and we apologize for this incident.

On May 28, 2014, Valesco Ventures was notified that an employee may have improperly accessed the personal identifying information of a number of patients of Aventura Hospital and law enforcement was contacted. On June, 10, 2014, law enforcement concluded that this employee had improperly accessed this patient information.

Shortly after law enforcement was notified, Valesco Ventures and Aventura Hospital suspended the individual’s computer and physical access to patient data, and began assessing how to mitigate risks to all patients. Valesco Ventures and Aventura Hospital continue to work with law enforcement to preserve the information that is important to their investigation. 

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Leave a Reply