Maryland

Computer server goes missing

November 20th, 2014

A subsidiary of Pennsylvania-based health insurer Highmark Inc., Visionworks is facing potential data breach when its computer server went missing from Annapolis store.  Though safeguards and measures exist, incident like this happens when there is negligence in handling computers and data storage devices.

According to the reports, server consisted of partially encrypted Protected Health Information (PHI) which doesn’t includes Social Security numbers. The total of the affected patients stands at 75,000 customers. According to the Visionworks, Customer credit card numbers were encrypted.

Lisa Martinelli, the chief privacy officer for Highmark Health told that company is currently in the process of notifying affected patients. She also told that customers are offered free credit monitoring for one year.

According to the Statement:

An investigation is currently underway to locate a missing database server, which was replaced on June 2, 2014 during scheduled upgrades.

While the location of the server has yet to be determined, it is believed to have been sent to one of the store’s local landfills along with other miscellaneous refuse. At this time, there is no reason to believe that any of the information residing on the server has been accessed or used inappropriately.

In resolving this issue, Visionworks will comply with the state and federal notification requirements as provided by the HITECH Act of 2009.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Data Breach in MaryLand DDA affects 9,700 clients

March 10th, 2014

Case management provider Service Coordination Inc.’s (SCI) computer systems of The Maryland Developmental Disabilities Administration (DDA) was hacked which compromised 9,700 patients’ protected health information (PHI). It contained client names, demographic information, DDA service provider, medical assistance number, Medicaid and Medicaid Waiver status and reason, Social Security numbers, and other SCI service information.

“We regret the occurrence of this unfortunate criminal incident and we apologize for any inconvenience this may have caused individuals who we work with. We continue our vigilant actions to safeguard the information of those who count on us for resource coordination services and we remain committed to supporting their needs,” said John Dumas, Executive Director of Service Coordination

SCI contacted a cybersecurity forensics team which confirmed unauthorized use. SCI also notified the FBI and U.S. Department of Justice (DOJ). It requested a delay in clients’ notification to avoid hindrances in their criminal investigations. Only after law enforcement seized the hackers account and equipment, SCI began notifying the clients.

SCI is offering one year free identity theft protection to those affected by the breach. In a website statement, SCI further added,

There is no current evidence of any misuse or further release of information by the hacker or others. To help protect affected Maryland residents from the possibility of identity theft and/or fraud as a result of this incident, SCI has engaged an identity theft protection firm, to provide affected individuals with a full year of identity theft protection services at SCI’s expense.

Alertsec strengthens security

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Enhanced by Zemanta