Academic health science centre

Laptop stolen from Car

December 25th, 2014

According to the company statement, DJO Global employee’s laptop was stolen from a locked car in Roseville, Minnesota. While the laptop was password protected but it contained personal patient’s information. According to the company, apart from password protection, the laptop had firewalls, anti-virus software, logical access control and tracking/remote management software.

The affected information includes patient names, phone numbers, diagnosis codes, DJO products received by patients and the dates that products were ordered or shipped. According to the reports, information about doctors that tended to patients may have been included in the laptop.

“Since learning about this incident, we have been working very closely with data privacy experts,” the statement read. “As of today, we have conducted a thorough investigation and have uncovered no evidence that any personal information has been misused.”

The affected numbers of patients is not disclosed by the DJO but all the affected are informed about the breach. No credit card information was included but a small number of Social Security numbers were present on the laptop.

“Please be assured that we also are taking reasonable steps to mitigate the circumstances resulting from this incident and to ensure an incident like this does not happen again,” DJO said.

According to the statement:

  • Since learning about this incident, DJO have been working very closely with data privacy experts.
  • DJO has conducted a thorough investigation and have uncovered no evidence that any personal information has been misused.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Northwestern Memorial laptop stolen

December 19th, 2014

 

Data breach occurred when Northwestern Memorial password protected, unencrypted laptop containing patient information was stolen from inside of employee’s vehicle. The affected information includes patients’ names, addresses, dates of birth, health insurance information, billing codes, date of services, physician’s name, medical record numbers, diagnosis, and treatment information. In a few cases, Social Security numbers might have also been compromised.

According to the statement on the website:

“We deeply regret any inconvenience this may cause you,” the statement read. “NMHC has a robust privacy and security program, including encryption of laptop computers. To help prevent something like this from happening again, NMHC is confirming and ensuring encryption of all laptop computers and reinforcing education with our staff on the importance of handling patients’ information securely.”

Northwestern Memorial has notified around 3,000 patients that their PHI was potentially compromised. According the reports, there is no malicious use of data. However, notification letters were sent to potentially affected patients and individuals are urged to reach out to a dedicated call center if they have any questions or concerns.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.