Liquid Technology's data security news service delivers timely, relevant, and topical information pertaining to today's increased reliance on data security. From data destruction and e-waste management to green IT and client confidentiality, we provide the news you need to make informed decisions for improved IT asset management and disposition practices. For real-time news updates follow us on Twitter @LiquidTechNews.
The number of global data breaches reached 2,644 last year, more than doubling the number of incidents in 2011. Despite the rise in frequency, they accounted for the exposure of 267 million records – a significant improvement over the 412 million records exposed in 2011.
River Falls Journal
River Falls Medical Clinic says it has notified about 2,400 clients of a breach of unsecured personal information. The breach occurred after clinic officials reported stolen equipment to the River Falls Police in the summer of 2012.
Lost paper files and portable memory devices account for 65 percent of data breaches according to "Data Breach Incidents & Responses," a just released survey conducted by the Society of Corporate Compliance and Ethics (SCCE) and the Health Care Compliance Association (HCCA). The compliance and ethics department, according to 69 percent of respondents, led the remediation effort following the last data breach.
Healthcare IT News
Some 57,000 patients seen at the Palo Alto, Calif.-based Lucile Packard Children's Hospital have been notified of a potential HIPAA-breach after an unencrypted company laptop containing patient medical information was stolen from a physician's car Jan. 9.
Canada's Montfort Hospital recently announced that that an unencrypted USB drive containing more than 25,000 patients' health information was recently lost. The drive contained patients' names, summary data on the type of service provided, the date of service, and the health service provider code.
Cache Valley Daily
The employee who lost a device containing personal information for about 6,000 Utah Medicaid recipients has been fired. The Utah Department of Health reported Wednesday that an employee with an outside contractor lost a USB memory stick containing the data last week while traveling.
St. Louis Post-Dispatch
A laptop stolen from a local surgeon traveling in Argentina contained the personal information of about 1,100 patients, the Washington University medical school announced today.
Southwest Florida Online
The Florida Department of Juvenile Justice reported an information security breach to the Florida Department of Law Enforcement Friday afternoon. The DJJ said the theft of a computer device might lead to the possibility of identity theft of tens of thousands of individuals including data about employees and youth offenders in the Florida Juvenile Justice system.
In spite of best practices, it is likely your organization will experience a serious data breach at some point. Once the initial shock wears off you'll be faced with numerous decisions, the most significant of which is whether to seek help from outside professionals such as attorneys, computer forensics investigators, information security consultants, privacy consultants and law enforcement.
With implementation of the health reform law coming this year, hospitals are most concerned about the changes it will bring. According to a PwC Health Research Institute report released today, hospitals and other healthcare organizations will see a mix of budgetary pressures, consumerism and technology. Described as a quicken pace on health reform, the top issues hospitals will see this year include the following: Read more: 3 top issues hospitals will face in 2013 - FierceHealthcare http://www.fiercehealthcare.com/story/3-top-issues-hospitals-will-face-2013/2013-01-09#ixzz2IFo5gMim Subscribe: http://www.fiercehealthcare.com/signup?sourceform=Viral-Tynt-FierceHealthcare-FierceHealthcare
The Department of Health and Human Services (HHS) recently announced the first HIPAA breach settlement involving fewer than 500 patients. The Hospice of North Idaho (HONI) agreed to pay $50,000 after an investigation found the organization had violated the HIPAA security rule. HHS' Office for Civil Rights (OCR) began its investigation after HONI reported an unencrypted laptop containing electronic personal health information on 441 people was stolen in June 2010.
Healthcare Finance News
Kroll Advisory Solutions has released its 2013 Cyber Security Forecast, spotlighting some of the pressing and perhaps unexpected privacy and security issues healthcare and other organizations may be grappling with in the coming year.
Gibson General Hospital has mailed letters to patients informing them of the theft of a hospital laptop containing personal health information. The laptop was reported stolen, along with several other items, from an employee's home during a burglary on Nov. 27.
Sales of mobile devices are expected to surge this holiday season. Whether your firm has embraced bring-your-own-device (BYOD) or elected to look the other way that means many of your employees can be expected to upgrade their tablets and smartphones. But what about their old devices? Will they be decommissioned properly?
Help Net Security
A new comparative survey by The Ponemon Institute explores the motivations behind IT security spending among UK and US organizations, and how industry regulations, data breach mitigation and the fear of reputational damage rank in the decision making process.
President Andrew K. Benton sent an email today informing the university community that a laptop computer belonging to an authorized university employee was stolen from that individual’s car. This laptop had been used extensively in work related to the IRS, “and it contained data dating back to 2008 involving as many as 8300 Pepperdine campus community members.” Approximately 75 percent of these names belong to students.
Privacy and access controls should be implemented to ensure the security of corporate data as well as protect personal information stored on user-owned devices.
Healthcare IT News
The healthcare industry has made little progress in reducing data breaches, according a new analysis of the past three years by the Health Information Trust Alliance (HITRUST).
Fierce Mobile IT
Security concerns about mobile devices in the enterprise have soared among IT managers over the last three years, according to an annual endpoint security survey of IT managers conducted by the Ponemon Institute and security firm Lumension.
SQL injection, post-phishing privilege escalation, and poorly secured back-up information all played their part in exposing sensitive government data stores this year
A yet-unreleased report finds that security experts at the SEC brought sensitive data to the Black Hat Security Briefings, an annual hacker and security convention.
Personally identifiable information of "at least" 10,000 NASA employees and contractors remains at risk of compromise following last month's theft of an agency laptop, a spokesman told Computerworld via email Thursday.
A laptop computer with a spreadsheet containing certain patient information was stolen from Landmark Medical Center in Woonsocket.
New York Times
NASA told its staff this week that a laptop containing sensitive personal information for a large number of employees and contractors was stolen two weeks ago from a locked vehicle.
Help Net Security
New research by the Ponemon Institute revealed that 54 percent of respondents have experienced at least one data breach in the last year, with nearly a fifth (19 percent) experiencing more than four.
A laptop containing the unencrypted personal records of Alere Home Monitoring customers was stolen from an employee's car.
According to a recent survey commissioned by AT&T and the Polytechnic Institute of New York University, 90 percent of small businesses allow their employees to access work email via mobile devices, and 41 percent allow employees to use these devices to access business files. Eighty three percent of small businesses allow employees to use personal devices for work.
A recent Forrester report suggests most corporate data loss and security breaches come from risky employee behavior as well as an organization's inability to implement comprehensive IT security policies. The report finds most data breaches result from stolen or lost mobile devices, compromise of other data-bearing devices, or misuse of corporate data assets by employees.
Bank Info Security
Cloud and mobility continue to change the landscape for security professionals concerned with data loss and the growing number of endpoints holding sensitive information, says Dan Hubbard of the Cloud Security Alliance.
Patrick Lambert revisits some of the basic precautions that need to be taken to deal with the proliferation of employee-owned devices in the workplace.
It may be too early to say "the era of the PC is ended," as Phil Redman, a research vice president at Gartner, recently did. Still, there is no question knowledge workers are transferring many of the tasks they once performed on PCs to their smartphones, tablets and other mobile devices.
Officials at VSECU, the state's largest credit union, have notified consumers that two unencrypted backup data tapes loaded with customer identification information were mistakenly thrown away and ultimately disposed of in a landfill last month.
Gov Info Security
Major U.S. healthcare data breaches have surpassed a significant milestone: More than 500 breaches have been confirmed since September 2009, when the U.S. Department of Health and Human Services began keeping tabs.
Blount Memorial Hospital has begun notifying 27,000 patients whose personal information was compromised by the theft of an employee's laptop computer in August
Help Net Security
As Congress examines how data brokers collect, aggregate and share consumers' personal information, a new survey by TrustedID shows that most people are confused about how data brokers operate and want centralized control of how data brokers handle their personal information.
Billing & OSS World
Data loss from stolen or lost mobile devices ranks as the top mobile threat related to device security. The rankings, released by Cloud Security Alliance, came from a survey of more than 200 enterprise participants. A main goal of this survey was to provide guidance on where enterprises should place resources to address mobile device security threats, CSA said.
The average insurance cost per data breach incident increased sharply from $2.4 million in 2010 to $3.7 million in 2011, according to a new NetDiligence study released Tuesday.
For 48% of IT practitioners in the UK, the sensitive personal data contained in their company's databases and native or cloud applications has been compromised or stolen by a malicious insider, new research has revealed. And, the majority of those practicioners (65%) also agree that they find it difficult to comply with privacy and data protection regulations in production and development environments.
All 71,000 registered Robeson County voters should have received letters notifying them that five laptop computers containing their personal information were stolen from the Robeson County Board of Elections last month.
"Bring your own device" may be touted as a winning policy for workers and employers, but a recent survey finds many employees worry that it's an excuse to invade their privacy.
Security execs know they have no choice but to comply with the demand for personal devices in the workplace. But as these CSOs explain, it's a pain-filled process.
While bring-your-own-device initiatives offer multiple benefits for organizations, there are pitfalls that only careful implementation can help avoid, according to Grudi Associates.
Gov Info Security
The latest updates to the federal tally of major health information breaches confirm that the loss and theft of unencrypted devices continue to plague the industry.
Most data breaches are caused by mundane events such as employees losing, having stolen or simply unwittingly misusing corporate assets, a Forrester Research report has found.
For the second time in three months, federal authorities have issued a hefty financial penalty stemming from a HIPAA compliance investigation after a relatively small breach.
Just because you don't remove the laptop from the office, don't kid yourself that it's secure. We've seen a number of incidents where laptops have been stolen from offices where the failure to encrypt the laptops resulted in breach notice costs for the entities. The latest entity to incur breach costs due to failure to adequately secure is St. Therese Medical Group in Bakersfield, California. They sent out letters today to patients and providers whose information was on an unencrypted laptop stolen from their offices on July 22.
A new rule proposed for federal government contractors will require that all federal contracts over $100,000 (including contracts for commercial items and those to small businesses) will have to include a clause requiring the contractor to implement basic data security protections for any non-public data provided to the contractor by the federal government or generated by the contractor for the government.
Help Net Security
An analysis of government breach data shows that the government sector reported 268 incidents of data breaches from January 1, 2009 to May 31, 2012, which exposed more than 94 million records containing personally identifiable information (PII), according to Rapid7
Sci Tech Today
The simple security measure of remote resetting or wiping a mobile device is notably absent on mobile workers' devices. Only 55 percent of mobile workers told iPass they had remote wipe enabled on their smartphones and only 30 percent activated this security feature on their tablets. The BYOD trend brings enterprise security isues with it.
Hundreds of council data security incidents have led to the loss of data on more than 10,000 people in Scotland over the past five years, figures released under freedom of information laws have revealed.
OBTAIN A PRICE QUOTE NOW