A Montana urology clinic storage unit that housed patient records was broken into and patient data was possibly accessed. The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) online breach reporting database shows that 6,500 patients were affected.
Practice manager Tanna Darling mentioned that Urology Associates have sent data breach notification letters to patients. Darling said that “over a few thousand” letters were sent out.
Urology Clinic officials reported that the break-in occurred at the clinic’s storage unit having gated facility. There is possibility that the unauthorized individual was renting a separate storage unit at the facility and therefore had access to the first gate.
“Everything was in disarray, but it honestly didn’t look like they took anything,” Darling said.
Kalispell Police Department Captain Scott Warnell said that the incident is part of a larger trend that is happening across the county, and that the department is making extra patrols on storage units to ensure that unauthorized individuals are not in the area. Patients whose information was possibly accessed will receive one free year of credit monitoring from Urology Associates.
Montana data breach notification law was updated last year.
“Upon discovery or notification of a breach of the security of a data system, a state agency that maintains computerized data containing personal information in the data system shall make reasonable efforts to notify any person whose unencrypted personal information was or is reasonably believed to have been acquired by an unauthorized person,” the law states.
Alertsec strengthens security
Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.
Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken the necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.
Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.