Stolen laptop puts 12,500 patients’ data at risk
Shands HealthCare has recently announced about 12,500 of their patients that their private medical data has been stolen in January, along with the laptop that contained the personal details. As it almost always happens in the case of hardware storing sensitive records, the laptop wasn’t encrypted in any way.
The stolen info contains names, addresses, medical record numbers and medical procedure codes of the patients, as well as the Social Security numbers of about 650 people. Luckily, up to know, there is no evidence of any misuse of the data, and we should keep hoping that the thief or thieves just needed the notebook to sell it or for personal use…
At least some measures have been taken: training for the employees and system-wide encryption policy to prevent such data breaches in the future. And of course, there’s protection for those affected, eligible for 12 months of free credit monitoring.
Let’s hope the new system works, as according to Gainesville.com, security breaches involving large amounts of patient data being exposed are some what of a recurring habit at Shands.
Private data of 208,000 at risk after laptop theft
AvMed Health Plans is currently dealing with a prominent data breach after having two company laptops stolen from their corporate offices in Gainesville in early December. The theft could compromise personal information of over 200,000 current and former subscribers, as well as their dependents, said a company announcement quoted by Gainesville.com.
The two laptops contained details such as names, addresses, phone numbers, Social Security numbers and protected health information. Yet the company states that the risk of identity theft is very low, as data was listed in a random way, regardless of the fact that, 12 days after the incident, AvMed discovered the data on one of the two laptops was not properly encrypted.
AvMed states there were no reports of identity theft up to now, but they will only have a clearer view on the situation after their members start registering for identity protection, service provided by the company for free for the next 24 months.
Starbucks Loses Laptop with Employee Information
In the second half of November, Starbucks disclosed a security breach that had occured a month earlier. A company laptop went missing and was thought to be stolen. It contained private details of 97,000 employees from accross he USA.
The data loss was announced through a memo posted on Starbucksgossip.com and was later confirmed by Starbucks officials. The memo also recommended those affected to monitor their financial accounts and look or any suspicios activities, as well as take all the necesary steps to prevent misusage of the lost records.
According to Seattlepi.com, this isn’t the first laptop containing company information stolen from Starbucks. In 2006, the company discovered it had misplaced 4 out-of-use laptops containing the names, addresses and Social Security numbers of 50,000 former and 10,000 then-current employees. One would expect enhanced security after such an incident.
Slim Risks, yet HCC Still Warns of Lost Data
Hillsborough Community College programmer’s laptop stolen from a hotel parking lot in Georgia rises identity theft concerns. All the private records the laptop used to contain on about 2,000 HCC employees has previously been deleted and the computer is password-protected, yet fears of someone with sophisticated software retrieving the data made HCC take action.
Spokeswoman Ashley Carl told Tampa Bay Online that the programmer had been working on a payroll project for a group of employees using their names, bank-routing numbers, retirement information and Social Security numbers but had subsequently deleted the data and also emptied the Trash bin.
The college also is looking into acquiring technology that will allow workers to remotely locate laptops and to encrypt computers or disks. In addition, it stressed to employees who use laptops to use extra caution when securing the devices.
HCC officials announced all their potentially affected employees of the threat and advised them to closely monitor their bank accounts. This was indeed a speedy and rather thorough reaction from HCC, especially since their determined to prevent future incidents by deploying and endpoint security solution along with enforcing other IT security policies.
