These are pretty dismal statistics…
Ponemon Institute and security firm ID Experts … surveyed 80 health care organizations and found that 94 percent had experienced a data-loss incident in the past two years. Another 45 percent sustained more than five breaches during that period.
via Nine out of 10 hospitals lost personal data in last two years – SC Magazine.
All the requirements in the world won’t make a difference if the organizations do not allocate the resources to ensure compliance, and if the employees continue to fail to comply.
I wonder if there was a reason for a NASA employee to carry around all that employee information on a laptop? Why wasn’t it in a centralized, secured database that the employee would access when needed?
NASA is warning all employees and contractors that their personal information may have been compromised after a thief stole a NASA laptop and documents from an agency employee’s locked car.
“On October 31, 2012, a NASA laptop and official NASA documents issued to a headquarters employee were stolen from the employee’s locked vehicle. The laptop contained records of sensitive personally identifiable information (PII) for a large number of NASA employees, contractors and others,” said Richard J. Keegan Jr., associate deputy administrator of NASA, in a notice sent to all employees.
The data on the laptop wasn’t encrypted. “Although the laptop was password protected, it did not have whole disk encryption software, which means the information on the laptop could be accessible to unauthorized individuals,” he said.
via Stolen NASA Laptop Had Unencrypted Employee Data – Security –.