Be sure to checkout FierceEMR for Meaningful Use updates!
Laptops stolen from Veterans Affairs, N.M. Medicaid contractors were not encrypted
Will people ever learn?
Two recently disclosed potential breaches of health data in government health programs, potentially impacting more than 10,000 patients, were the result of stolen, unencrypted laptops belonging to contractors.
The Department of Veterans Affairs said that a laptop stolen from an unspecified contractor's car April 22 contained unencrypted, personally identifiable information of about 644 veterans. And New Mexico's Health and Human Services Department reported last week that an employee of West Monroe Partners, a subcontractor that processes dental claims for Medicaid enrollees, had an unencrypted computer in the trunk of a car stolen in Chicago March 20. That computer may have contained data on 9,600 beneficiaries, Government Health IT reports.
In the VA theft, "The contractor self-reported the incident and has disabled the user account and server access from the stolen laptop. No further access from this laptop is possible," VA spokeswoman Katie Roberts said in a statement, according to Government Health IT.
Still, the news incensed Rep. Steve Buyer (R-Ind.), the ranking member of the House Veterans Affairs Committee, because a law passed in the wake of a major breach in 2006 that threatened the privacy of 26.5 million veterans and their spouses requires VA contractors to encrypt health data on laptops. The breach indicates that the "VA lacks focus on its primary responsibility of protecting veterans' personal information," Buyer writes in a May 12 letter to VA Secretary Eric Shinseki.
"We would like to express our deepest concern about the continued use of unencrypted devices within VA, despite the ongoing efforts to stop such use," he adds.
For more information:
- see this Government Health IT story
- have a look at this NextGov report
- see this letter from Buyer to Shinseki (.pdf)
Related Articles:
Report: Healthcare organizations may have a false sense of data security
Privacy called central to winning converts to EMRs
Comments
A better title for this article would have been "Contractors' stolen laptops were not encrypted" The phrase "were unencrypted" can be read as someone having hacked the encryption. That's a far less likely event and detracts from the main point of this story..that organizations need to have well defined policies, and the appropriate staff to oversee governance
Post new comment
Home
| Subscribe | Advertise | Mobile Edition | RSS |
Privacy
| Site Map | List in Marketplace | Supplier in MarketplaceTHE FIERCEMARKETS NETWORKFierceFinance | FierceFinanceIT | FierceComplianceIT | FierceHealthcare | FierceHealthFinance | FierceHealthIT | Hospital Impact | FierceMobileHealthcare | FierceHealthPayer | FiercePracticeManagement | FierceCIO | FierceCIO:TechWatch | FierceContentManagement | FierceMobileIT | FierceGovernmentIT | FierceBiotech | FierceBiotech Research | FiercePharma | FierceVaccines | FierceBiotechIT | FiercePharma Manufacturing | FierceMedicalDevices | FierceDrugDelivery | FierceIPTV | FierceOnlineVideo | FierceTelecom | FierceVoIP | FierceBroadbandWireless | FierceDeveloper | FierceMobileContent | FierceWireless | FierceWireless:Europe | FierceCable© 2010 FierceMarkets. All rights reserved. |
 |