Indianapolis

Settlement of $12,000

January 6th, 2015

Indiana’s Attorney General finalized a settlement with Dr. Joseph Beck. Earlier 60 boxes of Beck’s patient records were found in a dumpster. Beck agreed to pay a $12,000 penalty in a consent agreement with the state. Dr. Joseph Beck works as a dentist who was accused of mishandling 5,600 patients’ medical records.

“In an era when online data breaches are top of mind, we may forget that hard-copy paper files, especially in a medical context, can contain highly sensitive information that is ripe for identity theft or other crimes,” Attorney General Greg Zoeller told. “This file dump was an egregious violation of patient privacy and safety.”

There are series of charges against beck which includes fraudulent billing and negligence. The affected information includes Patient names, medical records, phone numbers, dates of birth, Social Security numbers, insurance cards, insurance information and state ID numbers. The incident happened when Beck hired the third-party company.

“The amount of sensitive, personal data that is stored online is growing every day, and the risks are obvious as more people are impacted by massive corporate data breaches or individual identity theft that can imperil a consumer’s good name and credit rating,” Zoeller said, according to the Indiana Attorney General website. “Our existing laws are proving inadequate to address this global crime, and we must sharpen our legal tools and take action to keep Indiana on the forefront of protecting consumers.”

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Indianapolis hospital sent letters with patient information

July 6th, 2014

St. Vincent Breast Center of Indianapolis sent letters with patient’s information to the wrong addresses. The breach has caused St. Vincent to send alert to around 63,000 patients. Incident came to notice, when wrong recipients of the letters began calling hospital about the breach. Letters contained printed information which includes patient names, addresses and some scheduled appointments.

According to the St. Vincent there was no financial data or Social Security numbers involved in the incident. Hospital destroyed the letters which were sent by the patients. But the number of sent letter remains unknown.

“We value the privacy and security of patient information, and regret this mailing error,” Rex McKinney, privacy officer for St. Vincent Indianapolis Hospital, said to wishtv.com. “It is our priority to support those who have been affected and make the necessary changes to our patient mailing process to avoid future occurrences. We sincerely apologize for any inconveniences resulting from this unfortunate incident.” McKinney added that the organization will implement new patient information mailing strategies going forward.

Statement on St. Vincent Breast Center website includes:

Please be assured that the Center is taking steps to mitigate this incident by notifying affected individuals through this substitute notice, media notice, and destroying all letters that have been returned. The Center is also evaluating and making changes to its patient mailing processes internally and with external vendors to avoid an incident of this nature in the future.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

White Lodge Investigates Data Breach, Card Fraud

February 8th, 2014

White Lodging Services, a hospitality company that manages 168 hotels in 21 states under Hilton, Marriott, and Sheraton brand names, is investigating a suspected credit and debit card breach. It has suspected 14 hotels along with some hotel restaurants and lounges where the possible breach happened at point of sales systems. It suspected below establishments.

  • Sheraton Erie Bayfront, Erie, Pa.
  • Marriott Midway, Chicago, Ill.
  • Holiday Inn Midway, Chicago, Ill.
  • Holiday Inn Austin Northwest, Austin, Texas
  • Westin Austin at the Domain, Austin, Texas
  • Marriott Boulder, Boulder, Colo.
  • Marriott Denver South, Denver, Colo.
  • Marriott Indianapolis Downtown, Indianapolis, Ind.
  • Marriott Richmond Downtown, Richmond, Va.
  • Marriott Louisville Downtown, Louisville Ky.
  • Renaissance Plantation, Plantation, Fla.
  • Renaissance Broomfield Flatiron, Broomfield, Colo.
  • Radisson Star Plaza, Merrillville, Ind.

Information about the breach first came to notice when security journalist Brian Krebs reported, Marriott properties operated by White Lodging Services based in Merrillville, Ind was affected by the unnamed card processors tied to fraud involving hundreds of credit cards to a number of this property. He reported location of other affected hotels as Austin, Texas, Chicago, Denver, Los Angeles, Louisville, Ky., and Tampa, Fla., among other cities.

White Lodge spokeswoman Kathleen Quilligan told The Times of Northwest Indiana, “An investigation is in progress, and we will provide meaningful information as soon as it becomes available,” White Lodge is owned by Dean White 90, whose Forbes estimation is $1.9 billion. His company manages 168 hotels under variety of brand names.

Hilton, Starwood Hotels and Resorts Worldwide Spokesperson did not immediately respond to an emailed request for comment on apparent data breach. Marriot issued a statement later about the White Lodging Data breach which includes, ‘”One of our franchise management companies has experienced unusual fraud patterns in connection with its systems that process credit card transactions at a number of hotels across a range of brands, including some Marriott-branded hotels,” and it continued “They are in the midst of the investigation and are in close contact with the banks and credit cards companies.”

Marriot failed to share details immediately as per the statement as it says “Because the suspected breach did not impact any systems that Marriott owns or controls, we do not have additional information to provide,” and “Since this impacts customer of Marriott properties, we want to provide assurance that Marriott has a long-standing commitment to protect the privacy of the personal information that our guests entrust to us, and we will continue to monitor the situation closely.”

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software. Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Enhanced by Zemanta