laptop theft

1,100 patients of St. Vincent Hospital notified about laptop theft

February 15th, 2014

St. Vincent Hospital notifies 1,100 patients of laptop theft. Letters were sent out for same. Laptop was used with an EEG machine went missing leading to potential data breach. Laptop was password protected which was connected to an EEG machine (for recording electrical activity in the brain) used for diagnostic testing was detached and stolen. Police was notified immediately after the incident. It is considered by the hospital that laptop was not stolen for the information it contained and thus there may be low risk involved in the data breach.

ST. Vincent spokesperson said that laptop was taken from euro diagnostic department of the main St. Vincent Hospital campus in Indianapolis, a unit where doctors, patients and family members of patients can usually be found.

In a statement issued by the hospital, it mentioned that laptop contained patients’ protected health information (PHI) which includes name, date of birth, gender, date of service, type of service and physician name. This diagnostic testing device didn’t contain information related to the social security numbers or financial data. Affected patients of this stolen incident were advised to request free credit reports from Experian, Equifax, or TransUnion. It is advised to the patients to get the report check for any breach.

According to the spokesperson, “St. Vincent is taking precautionary steps to avoid future incidents, and is evaluating its medical devices, and installing encryption protection software as appropriate. Also, the hospital is working to enhance its physical security measures.”

Alertsec strengthens security

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Enhanced by Zemanta

Notification letter sent to 3,026 clients of Easter Seal Society

February 13th, 2014

 

Easter Seal Society employee’s work laptop was stolen which caused data breach of its clients. Nearly 3,026 clients were affected and same were notified about the incident. Theft incident resulted in data breach because of stolen employee’s laptop along with few other belongings.

The Easter Seal Society of Superior California released a report mentioning that there was some grouping of date of birth, health care provider information, patient identification number, health care billing information and therapy notes. So data compromised didn’t consist of same information for all the clients. Easter Seal Society of Superior California president and CEO Gary T. Kasai mentioned in the notification letter, “Upon learning of this incident, Easter Seals immediately launched an internal investigation, hired specialized data security counsel to assist in the response to this incident, and retained external forensics experts to assist in determining the scope of this event.”

“Following this incident we undertook a review of our internal policies and procedures related to protected health information, as well as the enforcement of our employees’ adherence to these policies and procedures,” Kasai added in the statement. “All necessary steps are being taken to ensure that this type of event does not occur again in the future.”

Easter Seal doesn’t believe any sort of fraudulent activity has occurred till now. Its press release added ‘Easter Seals also encourages all concerned individuals to remain vigilant, to review account statements, and to monitor credit reports for suspicious activity.’ But it failed to indicate whether the laptop was encrypted or even password-protected.

Easter seal is not a healthcare provider but an organization dedicated to services and education for those with disabilities. It is likely considered a HIPAA business associate.

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec strengthens security

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Enhanced by Zemanta

Potential data Breach of 6,777 patients after unencrypted desktop stolen in Albany

January 23rd, 2014

Unencrypted desktop owned by Phoebe Putney Memorial Hospital (PPMH) in Albany, Georgia was found missing. About 6.777 patients are vulnerable to data misuse after the incident. Information like patient names, dates of birth, addresses, dates of services, physician names, diagnoses, and Social Security numbers were present on the desktop. Computer was password protected.

Affected patients were seen between May 2010 and October 2013. PPMH sent notification about the incident and provided a copy online. It offered one year credit monitoring for affected patients.

PPMH also notified the incident to The Albany Police Department but they were not sure about computer being stolen or misplaced. They stated, “We deeply regret any concerns and inconvenience this has caused our patients. We have reviewed and enhanced our security policies and procedures and have re-enforced with all staff the importance of handling patient information with care to prevent something like this from happening in the future.”

PPMH hired computer Forensics Company to investigate the breach. Unencrypted computers are common in data breach stories so security is at high risk. So considering possible misuse involved in unencrypted computers it is recommended to get the best security.

Alertsec strengthens security

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Enhanced by Zemanta

Stolen Laptop may lead to security breach of 12,354 Cancer Patients’ Data

January 17th, 2014

Personal information may have been exposed when a laptop was stolen from an employee’s office of New Mexico Oncology and Hematology Consultants (NMOHC). NMOHC started notifying affected customers about the data theft incident. They were advised to monitor their credit reports and financial accounts for any unauthorized activity.

As 12,354 cancer patients’ data has been compromised there is possible violation of protected health information (PHI). PHI includes names, birthdates, addresses, diagnostic results or information related to treatment and insurance information. No Social Security numbers or driver’s license numbers were on the laptop.

NMOHC was not aware about any unauthorized activity related to stolen information but they are instructing customers to report same.

The organization said in a statement on its Web site. “While NMOHC hopes to recover the stolen computer and PHI, that may not be possible,” adding, “In an attempt to prevent further breaches of PHI, NMOHC has increased physical security safeguards as well as implementing additional security safeguards on all laptops. NMOHC is also strengthening other aspects of its internal HIPAA security program.”

With the important information like PHI being stolen more actions are taken by the organization to prevent data loss.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Enhanced by Zemanta

South Carolina Insurance data stolen: Notofication sent after two months

January 9th, 2014

State mandated health insurance program in S.C. notified customers about laptop theft which has occurred two months earlier according to website, GoUpstate.com. The laptop belonged to one of the company’s auditor and reportedly it was password protected, the laptop was stolen from individual’s car. Information about stolen laptop was notified to the police next day and the SC Health Insurance Pool.

SC Health Insurance Pool, run by the SC Department of Insurance had hired Columbia accounting firm DeLoach & Williamson to review their claims and payments. The laptop had important personal information like patient names, dates of service, provider identification numbers, and Social Security numbers as per The Post and Courier. In total 3,432 customers were affected who earlier used the program in 2011 and 2012.

Personal information may lead to data theft due to possible violation of company policy as per the Attorneys for DeLoach. It is prohibited to leave laptop in vehicle unattended which leads to theft. The pool mentioned that it does not allow employees to take customer information outside company offices.

Despite theft knowledge within week, customers were not informed. All the affected customers were mailed about the incident.

“First, we had to determine what type of information was included,” Cynthia Hutto of Nelson Mullins Riley & Scarborough said. Apparently delay was caused due to the process of information collection for mailing address and setting up free credit monitoring. Cost for same is covered for one year by the auditor and respective mailing notification is sent for same.

With the present scenario it is advisable to have security software which prevents major data loss. With the possible penalty of breach and potential loss of customers trust more stringent security measures has to be applied. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

1,100 Pediatric Patients’ Health Information breached after stolen laptop

January 7th, 2014

New Jersey’s Barnabas Health recently informed about an unencrypted laptop was stolen on September 24, 2013 from the Barnabas Health Medical Group’s Pediatric Specialty Center which is located in Livingston, N.J. Although the theft was discovered on the same day and police were notified for it but the laptop has not been recovered. Letters were sent to the affected customers.

The stolen laptop contained information which was attached to pulmonary function testing (PFT) equipment information on its hard drive. There is a possibility of data theft of patients’ names, birthdates, testing dates, testing results, physicians’ names, and other demographic information. More information like addresses, financial information or insurance or other identification numbers was not available on it.  Company has informed customers to report any unauthorized activity related to data breach.

Despite the laptop theft, any violation of personal information has not been reported to the company. Company stated availability of printout of PFT forms of the patients ensuring continuity of care and accessibility by the treating physician.

“Patients with questions relating to this incident should call 800-583-1191 between the hours of 9:00 AM and 5:00 PM. Barnabas Health Medical Group sincerely regrets this unfortunate incident and considers the security of patient information to be of utmost importance.” Barnabas Health mentioned in the notification to the customers.

Many measures have been added up like review of applicable safeguards and use against unencrypted laptops to avoid such incidents. Retraining of various patient privacy and security obligations and policies took place for employees of the centre.

Organizations can use encryption software like Alertsec Xpress to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

Stolen laptop leads to settlement by the Accretive Health

January 5th, 2014

Accretive Health working as medical billing and revenue management services vendor has agreed for settlement with Federal Trade Commission (FTC) due to allegations of inadequate data security measures which put consumer data at risk.

An accretive laptop containing sensitive information of 23,000 patients was stolen from employee’s car. FTC pointed out many discrepancies like failure to removal of unwanted data from laptop, failure of reasonable procedures in place and vulnerability of sensitive data while laptop is transported. More over they expected to have limited access to customer information by the employees.

Terms of the settlement agreed by the Accretive involved development and deploying a comprehensive data security policy that will be evaluated initially and every two years by a certified third party. Settlement will remain in effect for the next 20 years as per FTC.

To avoid such failures to take proper measures for the security may lead to penalty. To avoid such incidents it is preferred to have proper procedures along with best encryption software. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers.

Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

Data Theft by Former NATO employee

December 20th, 2013

A former NATO employee was sentenced for seven years in jail by the German court for spying after the IT expert and copying secret data in order to sell it to a foreign intelligence service.

Identified as Manfred K., the 61-year-old man had worked for the transatlantic military alliance at the US airbase of Ramstein in Germany but left his job after a dispute.

The court found “The disclosure of the files would allow a potential enemy of NATO to gain access to the secret network of NATO”.

Court rejected Manfred’s claim that he was trying to point out security gaps when he copied the data and hid it on USB memory sticks in his kitchen and basement.

The court in the western city of Koblenz found that the man copied passwords, server locations and other information for NATO computer systems that would have enabled a cyber attack.

The IT expert, who had worked for NATO for more than 30 years, copied the data in March 2012 and failed in an attempt to obtain more in June but left NATO shortly afterward. He was been in detention since his arrest in August 2012.

Andreas Voelpel, presiding judge said that the data were the “crown jewels” and “operative heart” of the system and would have allowed a foreign power to launch a cyber attack with devastating impact.

According to the Court, Chinese or Russian intelligence services were the suspected potential takers for the data.

The defendant had earlier denied the charge, saying “I was never a traitor. I am not and never was an enemy of NATO, only of the security sloppiness of employees.”

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

Two Horizon Blue Cross Blue Shield of New Jersey laptops stolen

December 19th, 2013

More than 800,000 members of Horizon Blue Cross Blue Shield of New Jersey (BCBSNJ) were sent notification letters after two unencrypted laptops were stolen from the insurance provider’s Newark headquarters. The notice was sent to alert the members that their personal information may have been compromised.

The stolen laptops were unencrypted, but what comes as a relief is that they were password-protected. Sensitive information on roughly 840,000 members was stored in the laptops, including names, addresses, dates of birth and Horizon BCBSNJ identification numbers. Social Security numbers and clinical information were also included.

“Our top priority at the moment is making sure our members are protected. We are in the process of notifying our members, who are affected, to apologize for this incident and to provide free credit monitoring and identity theft protection to those members’ whose Social Security numbers were involved” said Thomas Vincz, a Horizon BCBSNJ spokesperson.

Horizon BCBSNJ officials were informed that two laptops were stolen, despite being cable-locked to employee workstations. The insurance company began notifying affected members via mail following an initial investigation with the Newark Police Department.

Horizon BCBSNJ also hired outside computer forensic experts who determined that not all the information contained on the laptops would be accessible due to the configuration of the machines.

The laptops have yet to be recovered and an investigation is still ongoing, Vincz said. The information has not been used in any way and officials with Horizon BCBSNJ do not believe the laptops were stolen for the information the devices contained, according to a statement posted to the website.

Vincz said “Horizon is still investigating the encryption procedures and the use of member information as it relates to the two stolen computers. Horizon is also reviewing its inventory of computers and its security and encryption procedures in general. We will also be enhancing employee training with respect to the security of company property and member information”.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

In last three years 1,500 laptops stolen in Oxford

November 29th, 2013

Increasing number of laptop theft cases are being reported in Oxford, as a result laptop owners have been urged to download tracking programmes and register their devices.

Police figures show that more than 1,500 laptops have been snatched in the city in less than three years.

The statistics, obtained by the Oxford Mail under the Freedom of Information Act, also show thieves took laptops from car parks, hospitals, churches and camp sites.

Last year 625 of the portable computers were taken in 479 thefts. In 2011 638 laptops were stolen during 491 thefts. Before the end of August this year, 387 laptops had been stolen in 290 thefts.

“Software can be downloaded to track computers and mobile phones. There has been variable success with them. It relies quite heavily on signal strength in the area so they are rather hit and miss.” said Former Thames Valley Police crime reduction advisor – Nick Gilbert.

Mr Gilbert, who now runs his own security consultancy in Witney, also said property – anything from cars to jewellery – can be registered for free at immobilise.com.

“If anything goes missing, providing you have all the information they need, there is a reasonable chance if it turns up anywhere in the county, it will be easy to find and recover” said Mr Gilbert.

But he said it was most important to take a note of the serial number because without it police cannot track the owner if they find the computer.

A brand new laptop worth £1,000 belonging to entrepreneur and former lawyer John Moore was stolen in Blackwell’s Bookshop cafe in September but it has not been recovered. The American lost details of a business scheme.

The Oxford resident said he wished he had known about tracking software before the theft, adding: “If I had downloaded it I definitely would have had the computer back.”

But he also said laptops should be better security protected so they were only accessible to the owner, adding: “If thieves understood that stealing a laptop is going to get them nowhere they are not going to steal them.”

Chauffeur Richard Arrandale lost photographs and a family history project when his laptop was stolen from his Kidlington home earlier this month.

He said thieves who take laptops also take sentimental information, adding: “A lot of people keep their personal stuff on their computers.”

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta