Unencrypted desktop owned by Phoebe Putney Memorial Hospital (PPMH) in Albany, Georgia was found missing. About 6.777 patients are vulnerable to data misuse after the incident. Information like patient names, dates of birth, addresses, dates of services, physician names, diagnoses, and Social Security numbers were present on the desktop. Computer was password protected.
Affected patients were seen between May 2010 and October 2013. PPMH sent notification about the incident and provided a copy online. It offered one year credit monitoring for affected patients.
PPMH also notified the incident to The Albany Police Department but they were not sure about computer being stolen or misplaced. They stated, “We deeply regret any concerns and inconvenience this has caused our patients. We have reviewed and enhanced our security policies and procedures and have re-enforced with all staff the importance of handling patient information with care to prevent something like this from happening in the future.”
PPMH hired computer Forensics Company to investigate the breach. Unencrypted computers are common in data breach stories so security is at high risk. So considering possible misuse involved in unencrypted computers it is recommended to get the best security.
Alertsec strengthens security
Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.
Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.
Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.