Health data breach complaint filed by Milwaukee

November 10th, 2013

Dynacare, a clinical laboratory services company lost a USB flash drive with unencrypted patient data during data breach incident. Milwaukee handed the data over to Froedtert Health’s Workforce Health, a public health organization that had contracted with and has an ownership interest in Dynacare.

The lost flash drive contained 6,000 Milwaukee employees’ data such as names, addresses, dates of birth, Social Security numbers and gender. And it stored the names of 3,000 spouses and domestic partners as well, so there was a great amount of Milwaukee patients affected. The city’s complaint may be redundant in light of Dynacare previously reporting the breach to the Department of Health and Human Services (HHS). But here’s the statement from Milwaukee City Attorney Grant Langley.

After consultation with members of the Common Council and the Mayor, the Office of the City Attorney has decided to file a formal complaint with the federal Office of Civil Rights against Dynacare Laboratories for its admitted breach of HIPAA security requirements regarding the private information of more than 9,000 City of Milwaukee employees, their spouses and their domestic partners.

I will be taking this action on behalf of the city and its employees based on Dynacare’s recent filing of a notice of breach of unsecured protected health information, its apparent unwillingness to communicate or cooperate with city representatives or to release details of its investigation, its failure to provide information to the city in order to protect our employees and the misleading comments Dynacare provided to the media.

It is important to note that the city’s contract for its wellness program is with Froedtert Community Health/Workforce Health. That is the entity to which the city provided employee information in a secured and password-protected manner, not Dynacare. The city continues to investigate the matter, and at this time has not ruled out further litigation.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta