Archive for April, 2015

Cloud Security Adoption

April 4th, 2015

 

Cloud security is given more and more importance by the health care and pharmaceutical industries. These two represent about 38% from the sample survey for cloud security adoption. Privacy regulations and the related laws require the Protected Health Information (PHI) to be secured.

 

“While these regulations vary by region and local governments, the common theme is to ensure both the data at rest within the cloud application and associated data workflows are protected, which enables these organizations to launch new service portals and provide improved methods for sharing information,” the authors explained.

 

The survey also states that there is rising trend in adoption of data encryption software.

 

“While data encryption is considered the primary method for protecting data in the cloud, additional requirements include the organization’s ability to control access to the encryption keys and preserve search, sort and filtering functions,” the report stated. “Successful cloud security deployments also require workflows and interoperability with both enterprises on-premises applications as well as external cloud-based applications.”

 

Healthcare organization needs to adopt stringent security measures due to HIPAA Omnibus Rule, which also makes third party companies liable for data breach.

 

“For example, a data storage company that has access to protected health information (whether digital or hard copy) qualifies as a business associate, even if the entity does not view the information or only does so on a random or infrequent basis,” the Rule states. “Thus, document storage companies maintaining protected health information on behalf of covered entities are considered business associates, regardless of whether they actually view the information they hold.”

 

Alertsec strengthens security

 

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

 

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken the necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

 

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

 

Missing documents lead to data breach

April 2nd, 2015

Life Care Center of Attleboro in Massachusetts suffered a data breach when the company that stores its patient records could not find certain documents. Iron Mountain which stores records for Life Care Center could not find certain documents which contained patients’ information. The breach came to notice during the audit. The affected patients involved those who received medical care in Life Care Center between 1992 and 2004. Employees who worked at Life Care between 1992 and 1999 may also suffer a data breach.

The compromised information includes patient names, addresses, Social Security numbers, dates of birth, diagnoses, and other medical status and assessment information. The missing box of documents may also contain financial information. It is not clear how the incident occurred.

“We are taking this matter very seriously and have conducted a thorough investigation,” the statement read. “Please be assured that we have taken every step necessary to mitigate the circumstances resulting from this incident and to ensure an incident like this does not happen again.

According to Iron Mountain, records were inadvertently destroyed during a planned consolidation of storage facilities by a predecessor company.

“We are taking this matter very seriously and have conducted a thorough investigation,” the statement read. “Please be assured that we have taken every step necessary to mitigate the circumstances resulting from this incident and to ensure an incident like this does not happen again.”

Iron Mountain mentioned that it will continue the search.

“Until Iron Mountain completes a full audit of its records, they will not be able to ascertain whether the stored boxes are located, missing, misplaced, or destroyed,” according to Life Care. “This audit is expected to be completed by December 2015.”

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.