Wednesday, July 25, 2012

Boston hospital loses laptop with patients' personal information

A physician’s unencrypted personal laptop that may have contained protected health information on 3,900 patients at Boston-based Beth Israel Deaconness Medical Center was stolen, the hospital admitted Monday.

The laptop, which was stolen in May from the physician’s office, has not been recovered; however, law enforcement has arrested a suspect, the hospital said in a statement. The laptop contained a tracking device, which unfortunately was not activated. The hospital has employed a forensic firm to determine whether the data were compromised.
http://www.infosecurity-magazine.com/view/27164/boston-hospital-loses-laptop-with-patients-personal-information/
 
NOTE: Nice control to put a tracking device, but would still have been a reportable breach.  The key is that it is unencrypted... Remember, encrypt, encrypt, encrypt any  device that stores PHI and that includes BYOD devices.

No comments: