What is going on in Healthcare?

11 years ago

I’ve talked about data breaches due to a lost laptop before. They’re common, painful and usually generate horrible publicity. It continues to be alarming how many of these devices that are lost continue to be unencrypted. Looking around lately, there’s a very disturbing trend – healthcare professionals are losing devices left, right and center.

Here are some examples of what I’m talking about:

Breach of patient health and personal information

Surgeon’s stolen laptop stored patient’s’ records

DSHS contractor’s laptop stolen in Gig Harbor; identity theft possible risk

Glens Falls Hospital alerts patients of possible information breach

Medicaid contractor loses provider’s personal information

Laptop theft compromises Packard hospital information

Utah’s Medicaid loses control of patient records, again

Seven. That’s the number of healthcare related data breaches that have been made public this year. Of these, six were directly related to the loss of a laptop or storage device that contained patient or customer data that wasn’t encrypted.

It’s frightening. Next to typical Government agencies, healthcare and healthcare-related organizations contain some of the most personal and sensitive personal information. In this day and age, there really is no excuse for these types of lapses in security.

The other scary part is that many of these reports say it was a ‘password protected’ laptop that was stolen or lost. This is the equivalent of filing a police report for a home break-in and saying that you locked the front door, but left the back door open which is why thieves managed to get into your house. If you had an alarm system, this could have been avoided. OS passwords are not enough to protect data.

I feel like a broken record, but the best protection against data exposure on lost or stolen devices is data encryption. The cost of an FDE solution far outweighs the risks involved and healthcare related organizations should be the most vigilant in protecting patient privacy.

*NOTE: Many of these crazy stories above were sourced via SC Magazine and their great Data Breach Blog.

WinMagic https://winmagic.com

WinMagic is a leading developer of endpoint authentication and encryption products that, over the course of 25 years, has raised the bar for user security. With extensive experience with securing the endpoint — and continuous innovation — WinMagic is trusted by over 2,500 businesses and government agencies around the world and has over 3 million active licenses globally.

Sharing is Caring!

The promise and practice of UEFI for Full Disk Encryption

Tackling the Caesars and MGM Hacks with Secure Authentication Fallback

Early September 2023, two of the world’s largest casino hotel companies — MGM Resorts and Caesars — were struck by…

October 3, 2023

Thi Nguyen-Huu

Why Relying on Phones for Online Authentication Is a Bad Idea

In 2022, the US Government released memorandum M-22-09 addressing the requirements for achieving zero-trust security. This introduction has sparked a…

September 18, 2023

Garry McCracken