Non-employee sees Backus Hospital patient information

August 26th, 2015 by admin Leave a reply »

The breach occurred when an employee brought patient records home with her in an attempt to finish some work remotely. Those records stayed in her home until few days, and may have been seen by non hospital personnel.

Shawn Mawhiney, a spokesperson for Backus Hospital, mentioned that the employee responsible for this breach is being properly disciplined and reeducated on proper handling of patient information.

“The employee took the records home and they are not supposed to do that,” Mawhiney told the news source. “The records then had the potential to be seen by someone in her home. As a health care institution, we take this kind of incident very seriously.”

Patient Kenneth Keely Jr. was shocked at the mishandling of his personal information, according to The Norwich Bulletin.

“I was completely shocked – this came out of nowhere,” Keely said. “Then I read it and it made no sense. First, ‘disciplined’ for what? Why did they have the records for six months and who read it?”

The affected information includes included patient names, medical record numbers, dates of treatment in the emergency room, diagnoses, and treatment information. While Backus has no reason to believe this information was misused in any way, the hospital said it still decided to send out 360 letters to individuals potentially affected by this incident.

According to the Backus Hospital statement:

“We have appropriately disciplined the employee, including reinforcing education regarding our policies and procedures in maintaining the confidentiality of patient information,” the letter states. “We have no indication that your information was used improperly. However, out of an abundance of caution, we wanted to notify you regarding this incident and assure you we take it very seriously.”

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken the necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

 

Leave a Reply