OhioHealth has issued health data breach notification letters after misplacing an unencrypted flash drive. Flash drive has not yet been recovered and the OhioHealth mentioned that there is no reason to believe that the missing flash drive was stolen or has been misused.
The affected information includes patient names, medical record numbers, names of insurance companies, physician names, addresses, dates of birth, referral and treatment dates, the type of procedures conducted, and in a few cases, clinical information and Social Security numbers.
As per the OhioHealth statement, few numbers of patients are affected. Specifically, only patients who were to receive valve replacements or those who participated in valve replacement studies at Riverside Methodist Hospital between July 2010 and December 2014 may have been affected by the health data breach.
The OhioHealth statement did not mention the number of affected patients. According to an article by The Columbus Dispatch, there were 1,006 patients affected and potentially 30 Social Security numbers compromised.
OhioHealth believes the flash drive has simply been misplaced by an employee. It has still decided to send out data breach notification to all those who may have potentially been affected.
“OhioHealth is deeply committed to the sacred trust that we hold in providing quality care to our patients and families, including as it relates to the protection of their confidentiality,” OhioHealth said in a statement. “We sincerely apologize and regret that this incident has occurred.”
Alertsec strengthens security
Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.
Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken the necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.
Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.