AlertSec Xpress

The Alabama Department of Public Health faces data breach

July 4th, 2014
Seal of the Alabama Department of Public Healt...

The Alabama Department of Public Health faces data breach

The Alabama Department of Public Health (ADPH) has send out breach notices for more than 500 patients. According to the reports, the affected includes patients treated at one of Alabama’s 65 county health departments. Patient’s personal information and identities were compromised due to this incident.

Data compromised includes clients’ names, dates of birth, and Social Security numbers from ADPH, as well as several other entities. Privacy Officer Samarria Dunson, “[w]e believe now that it is possible they may have been former employees, but we are still participating in the investigation. It would be particular records that were printed out by individuals.”

ADPH released a statement saying it was informed on June 5, 2014 that the U.S. Attorney’s Office for the Middle District of Alabama and the U.S. Department of Justice’s Tax Division that they were prosecuting a case of theft involving personal information.

“We believe now that it is possible they may have been former employees, but we are still participating in the investigation,” Alabama Department of Public Health Privacy Officer Samarria Dunson.

“It would be particular records that were printed out by individuals,” Dunson said.

Dunson says victims range in age, but most were young adults.

“They were born mostly in the year of 1996 which would make then 18 now. Unfortunately that seems to be a group of people that these type of criminals really go after maybe because they are not filing tax returns right now or really keeping up with their credit score,” Dunson said.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Child Vaccination records stolen

July 2nd, 2014

Cryptographically secure pseudorandom number g...

The San Antonio Metropolitan Health District recently suffered data breach when laptop containing information was stolen.

The San Antonio Metropolitan Health District recently suffered data breach when laptop containing information was stolen. According to reports, number of child patients stands at 300 whose vaccination information was present on the laptop. Information on the laptop included patients’ last names, dates of birth, doctor identifier and immunization names.

“Metro Health takes the privacy of individual health information seriously and is reviewing all practices and policies associated with the handling and transport of protected health information,” a spokeswoman said to woai.com.  “While the likelihood of harm from this breach is minimal, those affected by this theft are being individually notified and advised to monitor their health insurance statements closely for any unusual activity.”

Metro Health’s site fails to explain the laptop location at the time of the theft. Also it has been come to the notice that laptop which contained vaccination records from the Vaccines for Children program, has not been recovered.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Tools for Compliance management which can boost security

June 24th, 2014
English: A candidate icon for Portal:Computer ...

Tools for Compliance management which can boost security

HIPAA has certain set of rules when it comes for compliance management. Compliance requirements are many times seen as an unnecessary burden but if proper procedures are followed then it can protect your organization even from data breach. Moreover it can also protect you from lawsuits to corporate espionage. The risk associated with compliance failures can include financial impact or fines, data loss, lost business or even a suspension of operations.

Below is the list of compliance management tools -

  • www.glpi-project.org: A free, open source tool, GLPI offers IT and asset management capabilities. After all, a good inventory is the first step in seeing what needs to be secured.
  • www.ptatechnologies.com: A free toolset that is driven by the methodology of effectively managing operational and infosec risks in complex systems using calculative threat analysis and threat modeling.
  • www.somap.org: The ORICO Framework and Tool are two projects in one, offering risk management and the toolset to build a reference implementation of a security framework.
  • sourceforge.net/projects/assetmng: An open source IT asset management system that provides identification, valuation and risk assessments.
  • http://openfisma.org : An open source framework that is designed to reduce the complexity and automate the regulatory requirements of the Federal Information Security Management Act (FISMA) and the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF).

IT managers may need to build their own solutions and integrate off-the-shelf products with other solutions. Luckily for those choosing a path of self-development, several free tools can become part of an integrated solution.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

LA County heighten encryption policies after data breach

May 24th, 2014
Cryptographically secure pseudorandom number g...

According to reports, LA County is in the process of boosting encryption policies which includes reviewing privacy and security procedures.

According to reports, LA County is in the process of boosting encryption policies which includes reviewing privacy and security procedures. Los Angeles County Department of Health Services (DHS) also initiated new efforts to boost security after recent data breach that affected 342,000 patients.

After the breach, DHS has taken following initiatives -

  • It will boost data security rules
  • Mandating encryption for employees laptops and computer workstation hard drives

L.A. county contractors that exchange patient data with the county must also encrypt the data in motion. Lisa Richardson, DHS spokeswoman, added that the Sutherland incident “alerted us to some necessary security measures.”

It is curious to learn about DHS’s encryption policies prior to the Sutherland breach and what other types of changes it made to safeguards as a result of the data breach.

Important : Health and Human Services (HHS) will be looking to ensure that organizations have encrypted devices containing protected health information (PHI).

It was observed that ideal scenario is not to include sensitive data on local desktop and laptops. But as this situation is difficult to achieve due to work requirements, it is advised to encrypt your devices.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Another 3,497 patients added to data breach list

May 17th, 2014

English: Sutherland Hospital, Caringbah, New S...

Sutherland Healthcare has to add names of 3,497 patients in the list of data breach.

Sutherland Healthcare has to add names of 3,497 patients in the list of data breach. In April, Sutherland has already added 170,200 patients to the list of affected. Now new addition has increased the count to 342,000.

All the patients received Drug Medi-Cal services through the Department of Public Health. Though no Social Security numbers were included in the breach, patient names, addresses and billing information may have been compromised.

The incident dates back when eight computers were stolen from Sutherland’s Torrance, Calif. office. In the initial reports 168,000 patients were included in the affected list for whom patients’ first and last names, Social Security numbers and certain medical and billing information were potentially compromised.

The notification sent by Sutherland to patients assures them that the company takes “patient privacy very seriously,” but doesn’t notified whether it cared enough to encrypt the data.

The California Attorney General’s office likes encryption and noted in a report last year that more than half the 2.5 million victims of data breaches it surveyed in the state in 2012 would have benefited from its presence. Sutherland’s notice offered those affected free credit monitoring services through ID Experts. The final number on the Sutherland breach is as yet unknown, as they did not disclose how many other covered entities may have been affected by this breach.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta