California Department of Public Health

AltaMed Health Services suffers data breach

September 2nd, 2014

Sensitive data was potentially breached when an employee stole patient records in an apparent identity theft ring from AltaMed Health Services. According to the reports, 2,995 patients’ were affected by this breach. AltaMed offers a variety of healthcare services and temporary employee should not be given access to patient medical records.

Law enforcement, which was conducting an investigation of the breach informed AltaMed about the breach. Agency has a hard drive that’s believed to hold patient records. Temporary employee working with AltaMed has accessed electronic and paper records and affected patients include those who attended one of its community events in Orange and Los Angeles Counties.

The date breached includes patient names, email addresses, telephone numbers, Social Security numbers, provider information, insurance information, dates of birth, and addresses. “The organization takes the security of personal and protected health information very seriously and is undertaking efforts to mitigate the risk of this happening again,” The statement said.

AltaMed notified patients, California Department of Public Health, the California Attorney General’s office, and the Department of Health and Human Services (HHS).

Excerpts from the AltaMed Website Statement:

As part of its ongoing commitment to privacy and data security, AltaMed Health Services is issuing this updated website statement notifying affected individuals of a recent incident that may affect the security of their personal and protected health information. The organization takes the security of personal and protected health information very seriously and is undertaking efforts to mitigate the risk of this happening again. 

The organization launched an internal investigation into the matter to determine what AltaMed records this individual may have accessed during her employment.  The organization retained information privacy and data security legal counsel to assist with its investigation. This investigation is ongoing.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

 

Laptop Stolen: 3,541 UCSF patients information at risk

October 2nd, 2013

UCSF Medical Center is recognized throughout the world for innovative patient care, advanced technology and pioneering research. It is a leading university dedicated to promoting health worldwide through advanced biomedical research, graduate-level education in the life sciences and health professions, and excellence in patient care.

A laptop belonging to an employee of UC San Francisco was stolen. Some patients were informed about this laptop theft as the laptop held patient’s personal information.

The security for the protection of health information at UCSF is of utmost importance. UCSF is taking best possible caution and concern, while there is still no evidence that there has been any attempt to access the information.

Letters have been sent informing the 3,541 patients whose information was there in the laptop. The California Department of Public Health and the California Attorney General have been alerted, and federal authorities are also being notified. A special phone line has been installed to address questions from patients who receive the notification letters.

As told by UCSF an unencrypted personal laptop was stolen from the locked vehicle of a UCSF Medical Center employee who works in the Division of Transplantation. When the employee came to know about the theft, he instantly informed San Francisco police, UCSF police and UCSF officials.

To find what information was in the laptop, UCSF immediately began an extensive technical analysis. The analysis revealed that the laptop contained personal and health information of some UCSF patients, including their name and medical record number. Social Security numbers were also involved for a small number of individuals.

Paper documents of 31 patients were also stolen, some of whose information was also on the laptop. Information in the paper documents included patient names, date of birth, medical record number and some health information.

Special phone line has been set up by UCSF to provide additional assistance to all the affected individuals.

UCSF is committed to maintaining the privacy of personal information and takes many precautions to secure that information. In response to the incident, UCSF is working to strengthen educational and operational processes to safeguard patients’ health information.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

Computer containing 3541 patients data stolen from UCSF employee’s car

September 16th, 2013

An unencrypted laptop containing the medical and personal data of more than 3,500 UC San Francisco patients was stolen from an employee’s car.

The theft, which could cost the university hundreds of thousands of dollars in fines, is just the latest in a series of IT security breaches in recent years that have cost the institution millions.

The computer belonged to a Medical Center employee who works in the Division of Transplantation, according to the school. The name of the employee was not released.

The 3,541 patients affected by the theft were notified via letter that some of their medical data was on the stolen laptop. The data include names, dates of birth, some health information and medical record numbers. In some cases, the information included Social Security numbers. Paper documents containing medical data of 31 patients also were taken.

The letter, which the university was required to file with the state Attorney General’s Office, also gave patients a number to a special hotline set up to assist them and a year of free credit monitoring. UCSF also reported the incident to the California Department of Public Health and federal authorities.

In addition to fines related to losing the data, UCSF may face fines for failing to report the security breach within five business days, according to the agency.

UCSF did not determine specifically what kind of information was on the computer according to the notification letter.

In the past few years, a handful of similar security breaches have occurred at UCSF.

Most recently, in 2010 another laptop was stolen from an employee. It contained data from 4,310 patients. In 2009, a phishing scam gave hackers access to the medical data of 600 patients. In 2008, another security breach occurred involving information for 2,625 patients. And in 2007, university IT teams caught a hacker in the act.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

3514 UCSF patients information on stolen laptop

September 10th, 2013

UCSF is a leading university dedicated to promoting health worldwide through advanced biomedical research, graduate-level education in the life sciences and health professions, and excellence in patient care. It includes top-ranked graduate schools of dentistry, medicine, nursing and pharmacy, a graduate division with nationally renowned programs in basic biomedical, translational and population sciences, as well as a preeminent biomedical research enterprise and two top-ranked hospitals, UCSF Medical Center and UCSF Benioff Children’s Hospital.

A laptop belonging to an employee of UC San Francisco was stolen. Some patients were informed about this theft as the laptop held patient’s personal information.

The security for the protection of health information at UCSF is of utmost importance. UCSF is taking best possible caution and concern, while there is still no evidence that there has been any attempt to access the information.

Letters have been sent informing the 3,541 patients whose information was there in the laptop. The California Department of Public Health and the California Attorney General have been alerted, and federal authorities are also being notified. A special phone line has been installed to address questions from patients who receive the notification letters.

As told by UCSF an unencrypted laptop was stolen from the locked vehicle of a UCSF Medical Center employee who works in the Division of Transplantation. When the employee came to know about the theft, he instantly informed San Francisco police, UCSF police and UCSF officials.

To find what information was in the laptop, UCSF immediately began an extensive technical analysis. The analysis revealed that the laptop contained personal and health information of some UCSF patients, including their name and medical record number. Social Security numbers were also involved for a small number of individuals.

Paper documents of 31 patients were also stolen, some of whose information was also on the laptop. Information in the paper documents included patient names, date of birth, medical record number and some health information.

Special phone line has been set up by UCSF to provide additional assistance to all the affected individuals.

UCSF is committed to maintaining the privacy of personal information and takes many precautions to secure that information. In response to the incident, UCSF is working to strengthen educational and operational processes to safeguard patients’ health information.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta