San Antonio

Medical records in Dumpster

November 15th, 2014

Another case of improper disposal came to notice in Texas when medical documents containing “sensitive personal information” were spotted in a dumpster outside of a church in Alamo Heights. Affected information includes patients’ medical records and PHI from the offices of Dr. Huyen Nguyen and Dr. Orlando Kypuros. Affected information includes Patients’ medical conditions, Social Security numbers and driver’s license numbers.

“We were shocked that such information was found unsecure and outside our office,” Nguyen and Kypuros said in a statement to the news station. “Upon discovery of the breach, we immediately investigated the incident to determine how it occurred. Our investigation revealed that some of our employees were not following our office policy, which required protected health information to be shredded. Instead, they were placing the documents in a recycling container.”

After the breach, doctors ‘until further notice’ terminated the recycling program, counseled and retrained all employees, and revised their policies and procedures to ensure that such situation never happens again.

“We are in the process of identifying all affected patients and providing written notification in compliance with state and federal law, which will provide notification of the breach and directions for placing a fraud alert on a credit report,” the statement read.

Affected patients with most sensitive information were contacted personally by the doctor’s office and free credit monitoring services for one year has been setup. Number of affected patients is not known but all the records are under lock and key while the search for an explanation begins.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Texas nonprofit advocacy group notifies PHI breach of 2,934

April 13th, 2014

An Austin, Texas nonprofit advocacy group for children with developmental disabilities, EveryChild, Inc. has informed 2,934 families about the potential data breach. EveryChild learnt about the breach when internal computer was found stolen from its office. EveryChild, Inc. is a non-profit with a contract with the Texas Health and Human Services Commission (HHSC) to help adults under age 22 and children with disabilities get services in a family setting rather than an institution.

Computer contained PHI information which included patients’ birth dates, Social Security numbers, Medicaid numbers, photos and other health information. EveryChild has also alerted Texas Health and Human Services Commission about lost computer and possible data breach.

EveryChild believes till date that data present on the computer was not misused. Information is not available whether the patients only from Austin suffered data breach or there are patients from San Antonio as well. Also information regarding safe guarding methods on the computer was not available. Thus it was not clear whether computer was password protected or encrypted.

Excerpts of Website statement –

Upon discovery of the theft, we immediately notified law enforcement and the Texas Health and Human Services Commission. We are cooperating with investigations and attempts to recover the computers. We are also improving the security of confidential information through security alarms, enhanced technology, and policy and procedure changes.

 

If you were personally affected by this theft and we have your current address, you will be receiving a letter informing you about the credit monitoring protection. If you believe you may have been affected and do not receive a letter, you may contact our toll free number.

 

We take the protection of private information seriously and sincerely regret that this crime put information at risk. We will continue work to put stronger controls in place to better protect private information in the future.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta