Houston

Medical records in Dumpster

November 15th, 2014

Another case of improper disposal came to notice in Texas when medical documents containing “sensitive personal information” were spotted in a dumpster outside of a church in Alamo Heights. Affected information includes patients’ medical records and PHI from the offices of Dr. Huyen Nguyen and Dr. Orlando Kypuros. Affected information includes Patients’ medical conditions, Social Security numbers and driver’s license numbers.

“We were shocked that such information was found unsecure and outside our office,” Nguyen and Kypuros said in a statement to the news station. “Upon discovery of the breach, we immediately investigated the incident to determine how it occurred. Our investigation revealed that some of our employees were not following our office policy, which required protected health information to be shredded. Instead, they were placing the documents in a recycling container.”

After the breach, doctors ‘until further notice’ terminated the recycling program, counseled and retrained all employees, and revised their policies and procedures to ensure that such situation never happens again.

“We are in the process of identifying all affected patients and providing written notification in compliance with state and federal law, which will provide notification of the breach and directions for placing a fraud alert on a credit report,” the statement read.

Affected patients with most sensitive information were contacted personally by the doctor’s office and free credit monitoring services for one year has been setup. Number of affected patients is not known but all the records are under lock and key while the search for an explanation begins.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

596 Houston patients’ information at risk

August 26th, 2013

A laptop containing information of nearly 600 orthopedic students was stolen from a doctor affiliated with the University of Texas Health Science Center at Houston.

The University of Texas Health Science Center at Houston, the most comprehensive academic health center in the UT System and the U.S. Gulf Coast region, is home to schools of biomedical informatics, biomedical sciences, dentistry,medicine, nursing and public health. UTHealth educates more healthcare professionals than any other health-related institution in the State of Texas.

Letters notifying about the theft were mailed to the patients 26 days after the un-encrypted laptop was stolen from a locked closet in the orthopedic clinic. The laptop was attached to an electromyography machine used by a member of the health science center’s medical practice group, known as UT Physicians. The investigation for the stolen laptop is still continuing, in conjuction with UT Police.

A letter signed by Andrew Casas, UT Physicians’ chief operating officer said “UT Physicians does not have any reason to believe that the information has been accessed or used by any unauthorized individual. We believe that the laptop may have been taken for the value of the hardware, not to gain access to its data content.”

As told by Casas, the stolen laptop contains patient names, birth dates, medical record numbers and hand and arm image data. It does not include addresses, social security numbers or insurance or other financial information.

He also requested the 596 affected patients to review their health insurance activity as a precaution and report in case of any suspicious activity.

The security breach is just the latest in the Texas Medical Center. Since 2010, there have been incidents at the UT Medical Branch at Galveston, UT M.D. Anderson Cancer Center, Houston Methodist Hospital and Texas Children’s Hospital. M.D. Anderson’s two breaches in 2012 involved the data of more than 32,000 patients.

The UT Houston health science center and physician group had previously encrypted more than 5,000 laptops, but not the laptop in question, said chief information security officer Amar Yousif. He described the computer as “not your typical laptop” because it uses a hard-to-obtain power source and propriety hardware and software. It was never attached to any wired or wireless network and its power cord is not missing.

A physical search of all clinics and offices is being conducted by UT Physicians to ensure there are no other un-encrypted laptops or storage devices attached to medical equipment, Casas’ says in a letter.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta