As reported a few weeks ago, there was a physical break in to a facility that services student loans. It turns out, some safes were stolen that contained hundreds of CD’s & DVD’s with backup information on them. These backups contained personal data from folks who had student loans that were being serviced by this Read More
There is a lot of talk about this lately…HIPAA compliant email. First, you need to realize, standard email is NOT a secure method of transmitting ePHI. Most private practices don’t have secure email. Many hospitals do. Should you have it? My argument is no. Why not? There really is no reason for it. A hospital Read More
As noted in an earlier post on the stolen personal data of student loan recipients, the fallout continues. 153,600 New Yorkers, are getting the news by mail that their information was stolen. According to ECMC, the data theft included names, addresses, social security numbers and birthdays.
In a “domestic burglary”, the personal information on 9000 students was stolen from a city counselman’s home. What was done right? The hard drive on the stolen laptop was encrypted. What was done wrong? “data stored on the CD ROMs and memory sticks included Surname, Forename, Gender, Date of Birth, Address, Postcode, Phone number, UPN Read More
An excellent article by Dom Nicastro discussed the 5 major stumbling blocks that an auditor in Oregon has noticed lately. I expand on two of the stumbling blocks, they listed below. Lack of a risk analysis – Many organization have possibly executed on risk analysis, most have never even done one. This should include, but Read More