Los Angeles County California

AltaMed Health Services suffers data breach

September 2nd, 2014

Sensitive data was potentially breached when an employee stole patient records in an apparent identity theft ring from AltaMed Health Services. According to the reports, 2,995 patients’ were affected by this breach. AltaMed offers a variety of healthcare services and temporary employee should not be given access to patient medical records.

Law enforcement, which was conducting an investigation of the breach informed AltaMed about the breach. Agency has a hard drive that’s believed to hold patient records. Temporary employee working with AltaMed has accessed electronic and paper records and affected patients include those who attended one of its community events in Orange and Los Angeles Counties.

The date breached includes patient names, email addresses, telephone numbers, Social Security numbers, provider information, insurance information, dates of birth, and addresses. “The organization takes the security of personal and protected health information very seriously and is undertaking efforts to mitigate the risk of this happening again,” The statement said.

AltaMed notified patients, California Department of Public Health, the California Attorney General’s office, and the Department of Health and Human Services (HHS).

Excerpts from the AltaMed Website Statement:

As part of its ongoing commitment to privacy and data security, AltaMed Health Services is issuing this updated website statement notifying affected individuals of a recent incident that may affect the security of their personal and protected health information. The organization takes the security of personal and protected health information very seriously and is undertaking efforts to mitigate the risk of this happening again. 

The organization launched an internal investigation into the matter to determine what AltaMed records this individual may have accessed during her employment.  The organization retained information privacy and data security legal counsel to assist with its investigation. This investigation is ongoing.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

 

LA County heighten encryption policies after data breach

May 24th, 2014

According to reports, LA County is in the process of boosting encryption policies which includes reviewing privacy and security procedures. Los Angeles County Department of Health Services (DHS) also initiated new efforts to boost security after recent data breach that affected 342,000 patients.

After the breach, DHS has taken following initiatives –

  • It will boost data security rules
  • Mandating encryption for employees laptops and computer workstation hard drives

L.A. county contractors that exchange patient data with the county must also encrypt the data in motion. Lisa Richardson, DHS spokeswoman, added that the Sutherland incident “alerted us to some necessary security measures.”

It is curious to learn about DHS’s encryption policies prior to the Sutherland breach and what other types of changes it made to safeguards as a result of the data breach.

Important : Health and Human Services (HHS) will be looking to ensure that organizations have encrypted devices containing protected health information (PHI).

It was observed that ideal scenario is not to include sensitive data on local desktop and laptops. But as this situation is difficult to achieve due to work requirements, it is advised to encrypt your devices.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

More 170,200 patients affected in previous Los Angeles County DHS data breach

April 10th, 2014

Los Angeles County Department of Health Services (DHS) earlier reported about 168,000-patient’s data breach at its billing company, Sutherland Healthcare Solutions. In the recent notification it has added more 170,200 patients in the data breach list. Total number of affected patients comes around 338,700.Earlier eight computers were stolen from Torrance which led to data breach.

Torrance police department along with Los Angeles County district attorney’s cyber-crime team and the U.S. Secret

Service are trying to find the information on break in. Spokesman David Sommers said there is three class action lawsuit filed against the county and it is reviewing Sutherland’s security procedures.

Information on the computers includes  patients’ first and last names, Social Security numbers and certain medical and billing information, as well as potentially birth dates, addresses and diagnoses.

Affected patients are offered 12 months of credit/fraud/identity protection services from ID Experts. “We encourage you to take full advantage of this service offering,” Sutherland tells affected patients. “Representatives from ID Experts are aware of the incident and can answer questions or concerns you may have regarding protection of your personal information.”

In this event further, Department of Health and Human Services (HHS) imposed fine on its first county, Skagit County of Northwest Washington, for a HIPAA violation. County has agreed to a $215,000 monetary settlement.

Sutherland provides services to the Los Angeles County Department of Health Services and Department of Public Health. The county is working with the vendor to review its privacy and security program. Sutherland has increased employee training.

The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta