Medical Records exposure leads to data breach

April 29th, 2015

LAC+USC Medical Center (LAC+USC) – Augustus F. Hawkins (Hawkins) Mental Health Center mentioned  that patients’ records were found in the home of a facility employee, when a search warrant was being served at the residence. Authorities reportedly found confidential patient information for 900 Hawkins patients in the nurse’s home. The search was unrelated to County business.

“The incident has been reported to the Health Authority Law Enforcement Task Force (HALT), and we are also actively working with other law enforcement agencies,” the LAC+USC and Hawkins statement read. “We will notify the California Department of Public Health, the California Attorney General, and federal authorities in accordance with statutory requirements LAC+USC Medical Center is conducting a review of its privacy and security practices and will revise them as needed based on the findings.”

The affected information includes information such as names, medical record numbers, addresses, phone numbers, dates of birth, diagnoses, dates of admit, insurance carriers, insurance identification numbers, and Social Security numbers. Other personal data, including driver’s license information, may also have been compromised.

According to the reports, the nurse who allegedly took the documents has resigned and is no longer working at the hospital.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Potential data Breach of 6,777 patients after unencrypted desktop stolen in Albany

January 23rd, 2014

Unencrypted desktop owned by Phoebe Putney Memorial Hospital (PPMH) in Albany, Georgia was found missing. About 6.777 patients are vulnerable to data misuse after the incident. Information like patient names, dates of birth, addresses, dates of services, physician names, diagnoses, and Social Security numbers were present on the desktop. Computer was password protected.

Affected patients were seen between May 2010 and October 2013. PPMH sent notification about the incident and provided a copy online. It offered one year credit monitoring for affected patients.

PPMH also notified the incident to The Albany Police Department but they were not sure about computer being stolen or misplaced. They stated, “We deeply regret any concerns and inconvenience this has caused our patients. We have reviewed and enhanced our security policies and procedures and have re-enforced with all staff the importance of handling patient information with care to prevent something like this from happening in the future.”

PPMH hired computer Forensics Company to investigate the breach. Unencrypted computers are common in data breach stories so security is at high risk. So considering possible misuse involved in unencrypted computers it is recommended to get the best security.

Alertsec strengthens security

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Enhanced by Zemanta