Equifax

A box of documents spilled off of a courier truck

February 13th, 2015

Kaiser Permanente suffered possible data breach when a box of documents spilled off of a courier truck. Incident took place during transit of box from Kaiser Permanente’s Kona Medical Office to storage. The company is notifying about 6,600 patients which includes – 4,000 patients who has their prescriptions electronically filled and the information may have been printed and included in the box of documents. The other 2,600 patients had their prescription paperwork in the box.

“Swift action by Kaiser Permanente employees allowed the retrieval of many of the documents, but unfortunately, not all were recovered,” the statement explained.

The documents were expired prescriptions. Affected information includes names, addresses, dates of birth, and medical record numbers. Moreover, the type and amount of specific medications were on the papers.

“You may get a letter and still not be affected,” Kaiser spokesperson Laura Lott told the news source. “But, we’re being very cautious because it’s the right thing to do.”

According to Kaiser Permanente statement:

Organization will offer credit monitoring to members whose Social Security numbers or driver’s license numbers was potentially exposed.

We are taking this matter very seriously and will inform each of the individuals whose information may have been involved in the incident,” Kaiser Permanente said. “As part of our outreach we are advising affected individuals to contact one of the national credit reporting agencies (Equifax, Experian, or TransUnion) to place a fraud alert on their file.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

1,100 patients of St. Vincent Hospital notified about laptop theft

February 15th, 2014

St. Vincent Hospital notifies 1,100 patients of laptop theft. Letters were sent out for same. Laptop was used with an EEG machine went missing leading to potential data breach. Laptop was password protected which was connected to an EEG machine (for recording electrical activity in the brain) used for diagnostic testing was detached and stolen. Police was notified immediately after the incident. It is considered by the hospital that laptop was not stolen for the information it contained and thus there may be low risk involved in the data breach.

ST. Vincent spokesperson said that laptop was taken from euro diagnostic department of the main St. Vincent Hospital campus in Indianapolis, a unit where doctors, patients and family members of patients can usually be found.

In a statement issued by the hospital, it mentioned that laptop contained patients’ protected health information (PHI) which includes name, date of birth, gender, date of service, type of service and physician name. This diagnostic testing device didn’t contain information related to the social security numbers or financial data. Affected patients of this stolen incident were advised to request free credit reports from Experian, Equifax, or TransUnion. It is advised to the patients to get the report check for any breach.

According to the spokesperson, “St. Vincent is taking precautionary steps to avoid future incidents, and is evaluating its medical devices, and installing encryption protection software as appropriate. Also, the hospital is working to enhance its physical security measures.”

Alertsec strengthens security

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Enhanced by Zemanta

Records stolen from CaroMont employee’s car

January 21st, 2014

CaroMont Regional Medical Center’s census report paper records for 191 patients were stolen from an employee’s car in Dallas. The information was reportedly stolen from the   employee’s car during a stoppage on the way to the office. Employee notified Dallas Police Department about the theft.

Employees have been known to take patient information out but certain steps are required to be followed to protect the information according to CaroMont spokeswoman Dallas Paddon.

Patient names, dates of birth, medical record number, and the reason for the hospital visits were the information present on the report. The census report was single printed document. CaraMount notified the affected patients. They are advised to monitor their credit and contact Experian, Trans Union, and Equifax because of possible financial information misuse. CaraMount didn’t mention the reason behind it.

Donnetta Horseman, CaroMont’s corporate responsibility officer, issued a statement about the theft Wednesday, “Upon learning of the unauthorized disclosure, we conducted a thorough investigation with the staff person and appropriate disciplinary actions were taken.”

The staff member has been disciplined and staff is being reeducated on patient information disclosure and CaroMont’s Notice of Privacy Practices as per CaraMount. But it was not made clear why the employee had the report in his or her car.

Previous year information from 1,310 patients with CaroMont Medical Group was sent through an unsecured email.  Email included information names, addresses, phone numbers, dates of birth, dates of service, medical record number, diagnonses, medication, and insurance company names, as well as two patients’ Medicare numbers.

Around 80% of information theft is due to lost or stolen laptops and other storage equipment. With the critical information at stake, many companies also use encrypted laptops/computers for storing records which is also stored in binder. With the misplaced or stolen laptops same as paper record can cause serious security concerns. To secure records or computers related stringent procedures should be followed.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Data Breach at Hope Family Health

September 8th, 2013

An unencrypted laptop containing 8,000 patients’ personal information was stolen which was under possession of a finance department employee of Hope Family Health of Westmoreland, Tennessee.

Patients who visited the organization between 2005 and August 2013 were notified via mail that their names, Social Security numbers and dates of birth have been potentially compromised as a result of the breach. “The information was password-protected; however, it was not encrypted. We don’t believe that anyone’s information has been accessed or used in any way that could cause harm.” said Chief Compliance Officer Joey Forman.

The laptop has yet to be recovered and though Hope has advised patients to check up on their credit and identity monitoring, it didn’t offer a year of free monitoring or a similar program. Hope has said that it has augmented security by moving all protected health information over to a state-of-the-art encrypted database server. “We have spent a lot of money and time to avoid anything like this from ever taking place again,” he said.

Since the theft, Hope Family Health has taken several measures to increase security, which included moving all protected health information over to a state-of-the-art encrypted database server, said Forman.

“We have spent a lot of money and time to avoid anything like this from ever taking place again,” he said.

Those whose personal information is included in any data breach should place a fraud alert or security freeze on their credit reports to help protect against new account fraud, said Michele Cacdac-Jones, spokeswoman for Equifax, a credit-monitoring company. Affected individuals should keep an eye on their credit and financial reports regularly, as identity thieves sometimes take a year or more to use someone’s information, she said.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta