Log in

Posts Tagged ‘Health’

Laptop of Portland Psychologist stolen, 4000 patients face possible identity breach

August 17th, 2010

Dr. David Gostnell, a Portland psychologist is alerting 4,000 patients after his laptop, which contained personal health information, was stolen from his car on July 7.

The laptop contained clinical evaluations, with patients’ full names, Social Security Numbers & diagnosis. Gostnell’s briefcase was taken as well, but was recovered from a nearby garbage bin. It contained individual evaluation records. The theft was reported to the police the next day.

Although the laptop was password protected but he was not using any computer protection software. Also, there was a disc in the CD drive that contained a partial backup of the hard drive, Gostnell said. He also added, the breach doesn’t involve any patients he evaluated at Oregon Health and Science University Hospital. Patients at his Northeast Portland practice, however, should call 1-877-461-7657.

He doubts if the laptop was stolen for the purpose of identity theft and believes that till now none of the personal information has been misused or leaked.

According to OHSU’s website, David Gostnell, Ph.D. is a clinical assistant professor in the Departments of Neurological Surgery and Medical Psychology, consulting with neurosurgeons and other physicians in chronic pain conditions and performing pre-surgical psychological assessments.

At OHSU and in his private practice in Northeast Portland, he assesses and treats patients with neurological disorders. He also acts as a consultant with Kaiser Permanente.

How Alertsec Xpress Would Have Helped

If you use a laptop encryption software a theft would simply be reduced to an insurance matter and cost of the hardware plus time to rebuild the laptop. That is certainly a small price to pay compared to what can happen if you lose confidential or sensitive data. Alertsec Xpress offers a very good and easy-to-use laptop security service that includes more than the traditional software licensing model. Feel free to subscribe for your personal 30-day free trial.

No comments »

Posted in Uncategorized

Tags: Crime David Gostnell Hardware Health identity theft Portland Oregon Social Security number Theft

Robbers steal laptop, with it invaluable Cancer research data

August 11th, 2010

Biomedical chemist, Galen Loving left his laptop at a restaurant, from his dinner in Somerville a few days back. The laptop containing priceless data from his cancer research was stolen by someone from the restaurant.

“I feel ridiculously stupid,” said Loving, 33, who is doing cancer research at Massachusetts General Hospital. “I always thought if I lost data it would be because I dumped my water bottle over the keyboard. I never thought I’d leave it in a restaurant.

“I have very little faith that I’ll ever see it again,” he said. “With unemployment at (nearly) 10 percent, people have become a little bit more morally flexible.”

Loving, a Harvard Medical School research fellow at Mass. General’s Martino Center focused on pancreatic cancer, left work on Thursday and treated himself to a meal at Anna’s Taqueria in Davis Square. He said he “mindlessly” kept his laptop and umbrella on a chair beside the table, but didn’t remember to pick them up while leaving.

He didn’t remember he has left the laptop at the restaurant until Friday morning. He’s since kept in touch with staff at the Mexican taco hut, but with no success.

Loving did back up his data on USB keys, but unfortunately they were also there on the laptop bag which was stolen.

In addition to “a lot of papers and presentations that I’d put together,” Loving said the computer contains e-mails he had saved, failed studies that he and other researchers hoped to review and future projects he intended to tackle. As of last night, management at Anna’s told the Herald the laptop hadn’t surfaced.

“The computer, of course, is very expensive, but I just wish I had the data. I don’t think it would be of use to anybody”, Loving said.

Get Laptop Encryption now!!

While huge sums are spent on protecting internal networks from hackers, employees are walking out the front door with laptops that not only have vast quantities of data stored on them, but also have applications connecting to internal networks and protected websites.

80% of information theft results from lost or stolen equipment. 50% of network intrusions take place using credentials from lost or stolen equipment. With laptop encryption installed, none of the information or credentials would have been lost. Try Alertsec Express now.

No comments »

Posted in laptop encryption, laptop theft

Tags: Cancer Hardware Harvard Medical School Health Massachusetts General Hospital Notebooks and Laptops Research USB flash drive

Major Data Breach at Louisville hospital

June 23rd, 2010

: Jewish Hospital, Louisville

A Jewish hospital in Louisville is under severe fire with a damaging lawsuit filed against them for affecting a major data breach. As per the news reported in 3wave.com, a flash drive which contained the medical records information of more than 24,000 patients was mysteriously misplaced from the Our Lady of Peace Hospital. To make matters worse, one of the patients who is on the list is suing Our Lady of Peace and its parent, Jewish Hospital.

As per the new rules in the HITECH Act orgniazation are require to make disclosures within 60 days for breach incidents which involve more tha 500.

While the flash drive had disappeared on April 1, the hospital ran a legal advertisement notifying the public in Louisville’s largest newspaper, Courier-Journal on April 29 .

The flash drive contained unencrypted data of all patients admitted and patients assessed from 2002 till 2009. The patients data included name, room number, insurer name, and admission and discharge dates. What it didn’t have is information on treatments, Social Security number, date of birth, telephone numbers or address.

The patient’s attorney Ken Henry filed the lawsuit in Jefferson County which accuses the hospital of invading privacy, causing emotional stress and major negligence. The attorney wants Jewish hospital to pay for credit monitoring services for five years. In addition, patients are seriously upset over public leakage of their diseases. Apparently, the hospital treats the patients for sensitive diseases and obviously none of the patients is happy at the exposure of confidential information.

Barbara Mackovic, a spokeperson of the Jewish Hospital said,

“Patient confidentiality is sacred to us and our patients. We have taken this breach seriously, and we regret and apologize for any concern this has caused our patients and their families.

As we explained immediately to the people affected, as soon as we discovered the breach, we launched a full-scale investigation and took steps to prevent future breaches.

The news of data breach at a premier hospital is not new as during the last couple of months, many reports of data leaks have emerged across several hospitals in the United States. Last month we had analyzed a data breach incident at Cincinnati Children’s Hospital. It is time for hospitals to reviews their policies, procedures and implement the right computer security software which prevent damages even incases of theft and leaks.

No comments »

Posted in Data Protection, data breach

Tags: Facilities Health Hospital Jewish Hospital Louisville Medical record Medicine United States

Data Breach at San Bernardino Community Hospital

June 15th, 2010

: Image via Wikipedia

The Community hospital of San Bernardino has been reprimanded with a fine of $325,000 for violating confidential patient data in a major data breach incident. Apparently, the fine was imposed on the hospital because there was unauthorized access of the medical information of 204 patients by an employee. Initiialy, the fine was calculated at a value of $250000.

However, another $750000 was added when a separate case involving the unauthorized access of medical records of 3 more patients was found out.

Diane E. Nitta the hospital administrator said that hospital has,”enhanced staff education efforts around patient privacy (and) put in place expensive security measures that guard against inappropriate access to our patients’ records.”

According to the official spokeswoman of the hospital, Tobey Robertson none of the information was used to harm the patients.

How did these incidents happen?

In the first case, a radiology technician had obtained access to computerized medical records of 204 patients without a clinical need for the information.
In the second incident, a clerk had let a friend enter a restricted area, where the person heard confidential patient information given by three patients during the admitting process.

Apparently, the Department of Public Health has fined 5 authorities for data breach and the hospital is one of them.

Frequent incidents like these highlight the structured use of computer security software and data encryption software which ensures the protection of data and prevents loss of information incase of theft and losses.

Stay Secure with Alertsec Xpress

Why do data breach incidents happen in the first place? Perhaps your organization didn’t take the requisite steps or there was some level of negligence with the handling of data.

If you use a data security software a theft would simply be reduced to an insurance matter and cost of the hardware plus time to rebuild the laptop. That is certainly a small price to pay compared to what can happen if you lose confidential or senstive data. Alertsec Xpress offers a very good and easy-to-use laptop security service that includes more than the traditional software licensing model. Feel free to subscribe for your personal 30-day free trial.

Nine California hospitals fined for serious medical errors (latimesblogs.latimes.com)

No comments »

Posted in data breach

Tags: computer security software data breach data encryption software data security Facilities Health Hospital Medical record Medicine privacy Public health Radiology San Bernardino San Bernardino California security United States

Data Breach Incidents at Kentucky Hospitals

May 3rd, 2010

: Image by Agathe B via Flickr

Hospitals in Kentucky witnessed severe data breach incidents which contained critical information about the patient records.

Missing Flash Drive

The first incident was report at Our Lady of Peace, a psychiatric hospital in Louisville. It was learnt that a flash drive which had information of 24,600 individuals went missing from the beginnning of April. Although, there was information posted on the website hospital did run a legal advertisement notifying the public in the Courier-Journal, which is the largest newspaper in Louisville. The advertisement was published recently in the newspaper on April 29.

We had recently mentioned the changes in regulations, where according to the new definitions in the HITECH Act organizations are required to disclose data breaches within 60 days of occurance. These reports are applicable for all incidents where 500 or more individuals are affected. Any incidents which are small can be reported on a yearly basis.

According to the hospital authorities, the stolen piece of flash drive contained the data of patients who had bone density testing done between 1997 and 2009. The patients data included their name, room number, insurer name, and admission and discharge dates. It did not include diagnoses or treatments, Social Security number, date of birth, telephone numbers or address.

Our Lady of Peace is reeducating employees on ways to protect patient information, implementing encryption technology and disciplining an undisclosed number of employees, according to a media statement.

Spokeswoman Barbara Mackovic said, “We very much regret that this situation occurred,”. “We apologize for any concerns that have been caused for our patients and their families.”

Case of Stolen Hard disk

In another incident, The Medical Center at Bowling Green, a 337-bed, full service, not-for-profit hospital has reported the loss of hard drive containing the data of 5,418 patients. The equipment had the data of patients who had bone density testing done between 1997 and 2009.

The information on the stolen device was unencrypted and it included each patient’s full name, date of birth, address, medical record number and physician name. There were some records for which information also included social security numbers, weight, height, and menopause age.

The hospital authorities quoted on a website, “We will now archive data to a secure network, which will allow us to eliminate the need for use of a hard drive like the one that was stolen,”. “Additionally, we will ensure that we do not have any other equipment configurations that utilize a portable hard drive containing non-encrypted data.”

According to Dori Thomas, vice president of marketing and development for parent corporation Commonwealth Health Corp, ”The hospital has been working toward the goal of having all data encrypted, an initiative that started before the data breach“.

Once again, these incidents raise hard questions about the approch and sensitivity towards data/information security as adopted by private agencies, enterprises and government organizations.

About Alertsec

Businesses need to accept encryption as a key part of their data protection strategy. Do your company a favor and explore the benefits Alertsec Xpress can offer you.