Someone mailed patients’ records to their homes to prove that Boulder Community Health (BCH) has lapses in security. It is one of kind of incident where context of breach is bizarre. BCH located in Colorado is investigating the incident. Earlier incidents include BCH notifying 178 patients when paperwork was missing. A different incident of BCH happened in which two unlocked recycling bins left 79 patients’ records exposed.
The letters which was sent out contained information of the records from the clinic sites on the main Foothills campus and the Riverbend Office Park neighboring the campus. The letter was sent to the patients to show the lapses of BCH in securing patient’s information. It mentioned that the sensitive information was taken from the papers present in trash bins just outside of the campus.
“If you travel north of Arapahoe (Avenue) on 48th (Street),” the letter said, “you will see the blue containers that contain medical records. These containers are often left unlocked.”
BCH has claimed that it has checked and reviewed employee privacy training and education and added automatic locks to recycle bins. It was not clear exactly whether there was a shredding policy in place.
“Our immediate goal is to determine the scope of this situation,” Boulder said in a statement. “We will work with any affected clinics to assess the impact on their patients and provide support to affected individuals.”
The letter also didn’t fail to accuse the organization of focusing on making money while not emphasizing patient privacy. Based on the reports, it was clear that unknown person inappropriately took nine patients’ records and sent them to those patients in an attempt to shed light on Boulder’s alleged lax patient privacy policies.
Alertsec strengthens security
Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.
Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.
Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.