Kamala Harris

Data accessible on third party website

December 21st, 2014

Redding, Calif.-based Mercy Medical Center found out that physician progress notes were publically accessible on a third-party website. Potentially affected patients took the treatment at Mercy Medical. Data breach doesn’t include Social Security numbers and other financial information.

The affected information includes patient names, medical record numbers, dates of birth, ages, dates of service, diagnoses, medications, review of systems, current therapies, and treatment plans.

“We sincerely regret this incident occurred and are taking appropriate measures to prevent any similar incident in the future, including continuing efforts to educate staff and physicians on securing medical information,” Michelle Kirby, Dignity Health Service Area Compliance Director mentioned on the letter which was posted on the California Attorney General’s website.

According to the reports, patients’ information is not believed to have been accessed inappropriately. Kirby suggested that patients can contact one of the three major credit bureaus and place a fraud alert on their credit file.

According to the statement, Mercy Medical simply explained that “Upon discovery the third party removed the link from their website rendering the information no longer accessible.”

Points to be considered:

  • Facilities should be active in implementation of security measures
  • All aspects of security should be considered instead of focusing on one
  • Proper training of the staff

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

California AG reports 131 Data Breaches in 2012

July 17th, 2013

Data breach incidents are increasing at fast pace and their impact is affecting millions of people. California being one of its victims, the personal information of millions of individuals were exposed in data breaches last year.

Personal information of 2.5 million residents of California were exposed in 131 online data breaches in 2012, as indicated by a recent study done by Attorney General of California. However, more than half of these incidents were easily avoidable.

In a report released by the Attorney General Kamala Harris she revealed that out of 2.5 million California residents affected by data breaches in 2012, 1.4 million would have been fine if the companies had encrypted their data. If the exposed data had been cloaked earlier these incidents would have never been reported under existing state law.

According to some other findings in 2012, average of 22,500 people were affected in each breach. Majority of data leakage incidents were reported in retail industry followed by the insurance and financial sectors. More than 100,000 people were involved in five of the reported data breaches, more than half of breaches involved SSN.

“Data breaches are a serious threat to individuals’ privacy, finances and even personal security. Companies and government agencies must do more to protect people by protecting data.” Harris said in a release.

Harris gave some suggestions for companies and agencies, explaining them that data encryption should always be used to secure the data. She asked them to train their employees and contractors to improve the overall security in an organization. However, some experts in IT security industry declared awareness training to be a waste of money and time.

She further proposed to improve the readability of breach notices, better the access to resources for victims of breaches involving Social Security and driver’s license numbers, and the passage of legislation mandating notifications of breaches involving the exposure of online credentials, such as usernames and passwords.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta