Central Illinois

personal data of 4 million Advocate Patients at risk

August 2nd, 2013

Patients of Advocate Medical Group, located in Central Illinois are among those whose personal information may be at risk after four computers were stolen in a burglary of an Advocate administrative building in Park Ridge.

Advocate Medical Group is a physician-led group that includes about 1,000 doctors at more than 200 locations in the Chicago area and central Illinois. It is part of Advocate Health Care, the largest health system in Illinois with 13 hospitals.

The computers stolen did not contain any patient medical records, however  4 million patient’s information including names, addresses, dates of birth and Social Security numbers were compromised during this overnight burglary. The computers also contained some clinical information, such as medical record numbers, treating physicians and/or departments, medical service codes, diagnoses and health insurance data.

Advocate sent the letters about the burglary to an estimated 4.03 million patients, including people who have visited a doctor in the Advocate Medical Group.

Advocate’s chief medical officer, Kevin McCune, said in a statement “Security is a top priority for our health care ministry. Nothing leads us to believe that the computers were taken for the information they contained or that any patient information has been used inappropriately”.

Officials said that the stolen computers were password protected, but unencrypted.Security cameras were in place at the time of the burglary.

Security measures have been improved by the officials by adding 24/7 security personnel at the office where the break-in took place, said Stephanie Johnson, an Advocate spokeswoman.

The Park Ridge Police Department was notified after the break-in occurred, but till date they have not been able to recover the computers. Police officials did not return a call seeking comment.

When asked why patients were being noticed more than a month after the burglary, Johnson said: as the Advocate officials wanted to first conduct an internal audit to find out what data the computers contained and then inform the affected patients, the officials waited more than a month to contact patients after the data theft occurred.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta