Archive for September, 2015

Employee reportedly stole patient information

September 3rd, 2015

According to the Merit Health Northwest Mississippi, an employee removed patient information from the facility without authorization. The facility was notified by law enforcement on July 1, 2015 that one of its employees was under investigation for identity theft. Notification are sent to affected patients. Merit Health has also setup free credit monitoring and identity theft resolution services.

According to the reports, the employee was removing hospital documents from February 2013 to June 2015. Affected information includes patient names, addresses, dates of birth, Social Security numbers, health plan numbers and clinical information. Data related to other individuals responsible for payment of care may have been included in some cases. The statement on the website did not specify how many individuals were potentially affected by this incident.

“In order to prevent any further removal of documents or unauthorized computer access by the employee, the Hospital terminated the employee’s access to buildings and computers and suspended the employee,” the statement explained. “The person is no longer employed by the Hospital. The Hospital is cooperating with law enforcement in its ongoing investigation.”

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Boston University suffers hacking incident

September 1st, 2015

Affected information includes names, Social Security numbers, dates of birth, medical record numbers, and dates relating to the research. The data related to personal information was immediately removed from the server.

Three affected individuals were listed as having Maryland addresses. The individuals had participated in a research study for Edward Bernstein, MD. The university is taking steps to prevent similar incidents from happening in the future. It is also notifying the US Department of Health and Human Services Office for Human Research Protections.

According to the reports, it was determined after a month-long investigation that a third-party had infiltrated the server and then installed a hacking toolkit.

“At this time, Boston University does not have any knowledge that your information has been used for any unauthorized purpose,” stated a copy of the data breach notification letter sent to potentially affected individuals. “Therefore, this letter is not a notice that you are a victim of identity theft; it is a notice that there may have been unauthorized access to your information, not necessarily that it was accessed or has been used. Nevertheless, we are notifying you in accordance with applicable laws, as required by the IRB in accordance with federal law, and in an abundance of caution.”

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken the necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.