Establishing Digital Trust: Don't Sacrifice Security for Convenience
Tennessee's Hope Family Health recently began notifying approximately 8,000 of its current and former patients that their personal information may have been exposed when an unencrypted laptop was found to have been stolen from an employee's home on August 4, 2013 (h/t PHIprivacy.net).
The laptop, which was password and fingerprint protected but not encrypted, contained financial records, billing records and patient account information, including names, birthdates, Social Security numbers and billing addresses, for as many as 8,000 current and former patients dating back to 2005.
Detective Sgt. Jim Vaughn of the Hendersonville Police Department told The Tennessean that the laptop has not been recovered, and no arrests have been made in the case.
Hope is now securing all patient information on an encrypted server instead of on individul computers, and all personnel are being required to undergo training on how to protect patient information.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
While Hope isn't offering any credit protection services to those affected, the organization is advising all affected patients to place a fraud alert on their credit files.
"We sincerely regret this incident occurred on our watch and commit to minimizing the risk of anything similar taking place in the future," Hope said in a statement. "We respect the private nature of your personal information and always strive to protect it from unauthorized or unnecessary disclosure."