Brigham and Woman’s Hospital suffered data breach

November 24th, 2014 by admin Leave a reply »

Brigham and Woman’s Hospital (BWH) laptop was stolen which may have exposed Protected Health Information (PHI) of certain individuals. An armed robbery off hospital ground led to stealing of BWH physician’s laptop and cell phone. According to the reports, physician was forced by the robbers to reveal pass codes and encryption keys.

“Possession of the pass codes/encryption keys along with the devices themselves could provide an individual the ability to view information stored on the laptop or cell phone,” BWH said. “The theft was immediately reported to the Boston Police Department.”

The hospital is unaware of the devices and the status of information access by the robbers is unknown. The devices include information about patients receiving treatment at BWH’s Neurology and Neurosurgery programs. The affected patients count stands at 999 for breached information which includes Patient names, medical record number, age, medications, and information about diagnosis and treatment. Social Security numbers or other financial information was not present on the devices.

“Upon learning of this theft, BWH initiated a thorough investigation, including the creation of a multidisciplinary workgroup to respond to this incident,” the statement said. “BWH is currently reviewing related policies and procedures in an effort to determine if there are steps that BWH can take that may decrease the likelihood of reoccurrence of this type of incident in the future.”

The hospital started sending letters to potentially affected patients asking them to report any illegal activity.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Leave a Reply