Archive for December, 2015

UCHealth and Data Breach

December 4th, 2015

UCHealth, Colorado is notifying approximately 800 patients of an internal healthcare data breach. According to the reports, an employee inappropriately accessed electronic patient files. The incident was discovered during one of the hospitals precautionary HIPAA audits.

The auditors discovered the breach and determined that the employee was accessing electronic patient records out of personal curiosity. There is no reason to believe that the employee has shared the accessed information with anyone else.

Affected information includes patient names, addresses, phone numbers, dates of birth, insurance information, and descriptions of care and treatment plans received during visits. The employee did not access Social Security numbers or other financial and billing information.

According to the statement:

UCHealth takes its obligations to protect healthcare information very seriously. This staff members employment with UCHealth has been terminated. Re-training has been given to all employees to re-emphasize that staff can only view health records of patients for whom they are actively providing care.  All employees also will continue to receive annual training on how to properly access healthcare information.

About UCHealth

UCHealth is a Front Range health system that delivers the highest quality patient care with the highest quality patient experience.  UCHealth combines Memorial Hospital, Poudre Valley Hospital, Medical Center of the Rockies, Colorado Health Medical Group, and University of Colorado Hospital into an organization dedicated to health and providing unmatched patient care in the Rocky Mountain West.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Cottage Healthcare Data Breach

December 2nd, 2015

Cottage Health in California suffered data breach which affected nearly 11,000 patients. Outside IT security contractor found out the breach while testing the providers data systems. The contractor has since shut down the server. Potentially affected information includes patient names, addresses, Social Security numbers, and health information such as diagnosis or procedure. No other financial or billing information was included in the breach.

Affected Individuals include those receiving care at Goleta Valley Cottage Hospital, Santa Barbara Cottage Hospital, and Santa Ynez Valley Cottage Hospital. Hospital has also offered those individuals a free, one-year subscription to a credit monitoring service.

Individuals are advised to put a fraud alert on their credit files due to the fact that Social Security numbers had been compromised.

Cottage Health mentioned that receiving a data breach notification letter does not necessarily mean that an individual has been the victim of identity theft. Hospital believes  that it has no reason to believe that the information has been misused.

As per the statement:

Identity Protection and Credit Monitoring Services

For the individuals potentially impacted, we are offering identity theft protection services through ID Experts to provide FraudStopPHI Edition at no cost. ID Experts holds the American Hospital Association’s exclusive endorsement for breach response services. The provided services include:

12 months of recovery services

Healthcare Identity Protection Toolkit

Exclusive educational materials, and

Access to fraud resolution representatives.

How to Detect Identity Theft

According to the FTC, the best way to detect identity theft is to monitor your accounts and bank statements each month, and check your credit report on a regular basis.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken the necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.