Philadelphia Family Planning Council Data Breach Affects 70,000 Patients

The Family Planning Council incident is just the latest in a series of flash drive data breaches to be reported. On Feb. 23, Henry Ford Health System in Detroit notified the public of a lost flash drive containing information on 2,777 patients, and on Sept. 20, insurer AmeriHealth Mercy reported a missing flash drive that stored data on 280,000 Medicaid members.

You’d think HIPPA or some other regulation would cover all that, but there’s still the policy gap and human laziness factor gap at work.

The stolen flash drive at Family Planning Council was simply password-protected rather than encrypted, Schwoebel noted.

Steps companies could take to better secure data include encrypting the devices, monitoring data transfer on the drives using back-end management software and creating an audit trail.

“It’s a bit intimidating for health care organizations to understand what is the right level of encryption for what they need,” Schwoebel said. “There are different types of drives that offer different levels of security, and they should work with someone to analyze what’s the correct level of security they need for their data and put together an overall plan to make sure that the USB drives they do provide to their customers meet the standards for data loss prevention.”

via Philadelphia Family Planning Council Data Breach Affects 70,000 Patients – Health Care IT – News & Reviews – eWeek.com.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s