Data breach in Mayo Clinic Health

July 23rd, 2015

The Mayo Clinic Health System in Red Wing, Minnesota reported data breach when 601 patient records were inappropriately accessed by an employee. According to the Mayo Clinic Public Affairs Manager Asia Zmuda – “an employee accessed patient records beyond the scope of authorized access and assigned job responsibilities.” The employee is no longer employed at the health system, according to the emailed statement.

“An internal investigation was immediately launched and a detailed analysis of the individual’s access yielded no evidence that financial information was accessed or that any health information was further disclosed,” Mayo Clinic explained. “Mayo Clinic will continue the proactive monitoring of patient records to prevent further incidents from occurring. Mayo Clinic takes this matter very seriously and is committed to maintaining the highest levels of integrity and trust for those it serves.”

Mayo Clinic is currently in the process of notifying patients who were affected by this incident, according to the organization’s statement. It was not specified what type of information was accessed, but Zmuda underlined the fact that financial information was not involved and that health information was not further disclosed.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Hard Drive Stolen from Employee’s home

February 10th, 2015

A medical facility in Tennessee suffered data breach when employee was burglarized and the hard drive was stolen. Reportedly, the personal electronics was also stolen from employee’s home. According to the Baskin Cancer Foundation statement, the device contained patient demographic information, dates of birth, Social Security numbers, phone numbers, and first and last dates of clinic visits. In terms of employee data, the hard drive contained titles, office location, Social Security numbers, dates of birth, pay rates, hire dates, and termination dates (if applicable).

Highlights of the data breach and statement:

  • The employee was properly authorized to work on the data at home as part of his job.
  • The hard-drive was not encrypted
  • The affected individuals are patients who were seen at each of Boston Baskin’s office locations between 2008 and July 2014.
  • All affected individuals are being notified by mail.
  • Patients and employees may wish to place a fraud alert on their credit reports. Questions may be directed to a toll-free helpline

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.