Devices and Data Breach

December 24th, 2017 by admin Leave a reply »

Pennsylvania-based Washington Health System (WHS) Greene mentioned that it suffered data breach due to missing external hard drive.

The device was used for Bone Densitometry machine. Facility mentioned that data of patients who underwent bone density studies at WHS Greene from 2007 until October 11, 2017 may have been present in the hard drive.

Affected information included certain patient information which includes patient names, height, weight, race, and gender information, medical record numbers and health issues may have been included for some patients. Social Security and financial information were not present.

WHS Greene mentioned that there are no signs of information misuse.

“Washington Health System Greene is committed to maintaining the privacy and security of patient information, including regular review and evaluation of the security of all processes in place,” WHS Green stated. “This unprecedented situation has our full attention and please be assured that we have taken and will continue to take steps to ensure that a breach of this nature will not happen in the future.”

As per the OCR data breach reporting tool, total 4,145 individuals may have been affected.

Data sold online in another breach

New Jersey-based Chilton Medical Center recently mentioned that an employee removed a computer hard drive. The person sold it on the internet. Hard drive was sold in the last month.

Patients treated May 1, 2008 to October 15, 2017 may have had their information present on the device.

Affected information included patients’ names, dates of birth, addresses, medical record numbers, allergies, and medications the patient may have received at Chilton Medical Center.

“During our investigation, we determined that the former employee removed other devices and assets from Chilton Medical Center to sell on the internet in violation of policy,” the statement explained. “While we currently have no indication that any of these devices or assets contain patient information, we continue to investigate this incident and, if we determine additional patients are affected, we will notify them as appropriate.”

____________________________________________________________________________________________

AlertSec ACCESS checks for full disk encryption on PCs running Windows 7, 8, and 10 Home, Pro and Enterprise as well as Mac OS El Capitan and Sierra.

Leave a Reply