Rady Children’s Hospital

Rady Children’s Hospital notifies patients of data breach

June 20th, 2014

Around 14,121 patients were notified after data breach in Rady’s Children Hospital, San Diego.  Incident of data breach occurred due to human error when patient data was sent to job applicants. According to reports, hospital’s employee sent a spread sheet to unintended receiver.

Spread sheet contained sensitive information which includes patients’ names, dates of birth, primary diagnoses, admit and discharge dates, medical record numbers, and other insurance information. There were no Social Security numbers or financial data included in the files, Ben Metcalf, a hospital media relations representative said.

After the incident, hospital hired security experts to confirm the deletion of files from computers of job applicants. Security experts can also verify whether the files have been shared to know the extent of breach. When Rady conducted investigation on recent breach it was found that this type of breach occurred even in past when mail error exposed 6307 patients data

Rady said that it will begin using only onsite testing programs for job candidates, improve email security approval protocols and encryption methods and better educate employees on patient privacy requirements. Rady Children’s Hospital spends lots of time and money protecting its patient privacy and information from outside hackers. But error by an employee that recently exposed the information.

“Some families were upset,” said Kearns acting president of hospital. “But the vast majority understood that this is something that was not done purposely. This is something that was done on a human error.” Rady Children’s has notified county and state officials and will also need to report the breach to federal regulators.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.