The social security numbers (SSNs) and other sensitive details belonging to both patients and employees of the Cancer Care Group from Indianapolis, Illinois, are at risk of being misused after a laptop has been stolen from a staffer’s car. A total of 55,000 individuals might be affected.
Besides the SSNs, the thief also obtained insurance information for patients and beneficiaries, and the financial and employment details of the affected employees, EHR Intelligence informs
The organization has provided only a few details regarding the incident, including the fact that the employee’s car was locked at the time of the theft back in July.
Furthermore, the Cancer Care Group’s representatives claim that they’re in the process of adding encryption and other security mechanisms to all their computing devices to prevent misuse in case they get stolen.
However, they didn’t exactly say that the information on stolen laptop was encrypted, which indicates the fact the data may be easily accessible.
So far there aren’t any signs of misuse and it’s unknown if the theft targeted the information stored on the laptop.
On the other hand, this situation once again highlights the importance of proper security measures. This shows that not only the securing of networks against hacker attacks is crucial, but also the implementation of proper policies and procedures to ensure that physical incidents don’t lead to identity theft.
And if you think that this is a major healthcare system data breach, think again. The one that affected the Utah Department of Health exposed the protected health information of 780,000 people.
The details of 315,000 individuals were exposed by Emory Healthcare, the South Carolina Department of Health being responsible for the information of 228,000 customers.
We must say this once again: it’s a shame that organizations buff up security only after they’re affected by a breach.