Archive for May, 2016

Stolen laptop and Data breach

May 4th, 2016

EqualizeRCM Systems, a billing and collection services vendor recently suffered healthcare incident when one of its
laptop was stolen. Laptop contained patients information which included names, addresses, phone numbers, dates of birth, insurance information, genders, healthcare provider information, billing and diagnosis codes, medical record numbers, internal reference numbers, dates and types of service, locations of services received, and other administrative data.

Affected facilities included-

  • Northstar Healthcare Surgery Center (Scottsdale, Houston, Dallas)Microsurgery Institute (Houston, Dallas)Hermann Drive Surgical HospitalVictory Medical Center Houston
  • Central Dallas Surgery Center
  • Southwest Freeway Surgery Center
  • Kirby Surgical Center
  • Plano Surgical Hospital

Stolen laptop belonged to one of its employees. EqualizeRCM Systems launched investigation after the incident. Financial information and Social Security numbers were not affected. Number of affected individuals were not specified by the facility. But the letter to the New Hampshire Department of Justice mentioned that two individuals from the state were affected.

Facility believes that the information is not misused. But it has offered affected individuals with complimentary identity theft monitoring and remediation services.Notification letters are also sent to affected individuals. EqualizeRCM Systems mentioned that it has developed and implemented additional security measures.

“The privacy and protection of patient information is a top priority for EqualizeRCM, and we deeply regret any inconvenience or concern this incident may cause,” explained the statement. “We are working closely with the affected facilities in our response to this event, and have taken steps to help prevent this type of incident from happening in the future including reviewing our policies and procedures, implementing additional safeguards to ensure information in our control is appropriately protected, and retraining employees on existing policies for the proper handling of sensitive information.”

“EqualizeRCM provides a variety of scalable services to healthcare entities across many segments including ambulatory surgery centers (ASC), durable medical equipment manufacturers (DME), Mental Health Facilities, physicians and providers, hospitals, and urgent care facilities.”


Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software

Robbery and Data breach

May 2nd, 2016

A California-based chiropractic office, Vibrant Body Wellness suffered data breach after its facility was burgled. The incident affected around 600 patients.  According to the reports, laptop and hard drive was stolen. It contained health related data.

Vibrant Body Wellness published the statement as –

“We were robbed! Literally.Yes, it’s sad but true — our office at Vibrant Body Wellness was broken into during the weekend of March 5th to March 8th.  Things were stolen and no one was physically injured.  We are grateful for that, and have been sorting through the violation and the lessons over the past month.  The support and well wishes from our practice members and from our community members has been heartening, so thank you for reaching out and for your patience as we replace equipment and update security procedures.”

Affected information included names, addresses, dates of birth, contact information, diagnoses, and billing information. The laptop was password-protected. Also, the patient information on the hard drive was encrypted.

Local law enforcement officials were notified about the incident. As per the statement, notification letters are sent to affected individuals. They are also encouraged to place a fraud alert on their credit accounts. The practice believes that the information is not being misused or inappropriately accessed.

“We understand that this may pose an inconvenience to you. We sincerely apologize and regret that this situation has occurred,” wrote the owner of the practice, Teresa Lau, DC, in a letter to affected patients. “Vibrant Body Wellness is committed to providing quality care, including protecting your personal information, and we want to assure you that we have policies and procedures to protect your privacy.”

Facility also provided information for placing initial fraud alert, “We are keenly aware of how important your personal information is to you.  You may place an initial fraud alert on your own credit account with Equifax, who will notify the other two credit bureaus.  The fraud alert does not impact your credit score and provides an extra layer of protection–creditors must contact you directly before issuing credit in your name.  The initial fraud alert lasts for 90 days, is free, and can be renewed for free after 90


Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization