As per the reports, OU Medicine suffered data breach when a laptop potentially storing a spreadsheet containing limited patient information was stolen from a former OU physician. The spreadsheet in the laptop contained limited information for approximately 9,300 pediatric patients.
Affected Health information includes patient name, diagnosis, treatment code, date of treatment, date of birth, description of urologic medical treatment or procedure, medical record number, and physician name. According to OU Medicine, no addresses, Social Security numbers
Clik here to view.
OU Medicine Suffers Data Breach
, or other billing information was included.
The hospital took precautionary steps by notifying the 9,300 potentially affected individuals via data breach notification letters even though it was not sure whether spreadsheet was present on the laptop. OU Medicine stated that it will provide one year of free credit monitoring to potentially affected individuals.
The physician who owned the stolen laptop had left the department prior to the laptop being stolen. The hospital also mentioned that it does not allow physicians to take medical documents with them after leaving the facility.
“The University has policies that generally prohibit the removal of documents that contain patient information from its premises and that require employees to protect patient information on laptops at all times, including by storing it securely,” OU Medicine said in its statement.
Facility also expressed regret for the situation.
“The University of Oklahoma takes patient privacy seriously,” OU said in its statement. “The Department is taking additional steps to help prevent similar incidents from occurring and is providing additional training to employees on the importance of securing patient information.”
Alertsec strengthens security
Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.
Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken the necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.
Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.
