A story over at FierceMoblieHealthcare reports that two laptops were stolen from the Department of Veterans Affairs. Neither of the laptops had the hard drives encrypted.
Two recently disclosed potential breaches of health data in government health programs, potentially impacting more than 10,000 patients, were the result of stolen, unencrypted laptops belonging to contractors.
The Department of Veterans Affairs said that a laptop stolen from an unspecified contractor’s car April 22 contained unencrypted, personally identifiable information of about 644 veterans. And New Mexico’s Health and Human Services Department reported last week that an employee of West Monroe Partners, a subcontractor that processes dental claims for Medicaid enrollees, had an unencrypted computer in the trunk of a car stolen in Chicago March 20. That computer may have contained data on 9,600 beneficiaries, Government Health IT reports.
Still, the news incensed Rep. Steve Buyer (R-Ind.), the ranking member of the House Veterans Affairs Committee, because a law passed in the wake of a major breach in 2006 that threatened the privacy of 26.5 million veterans and their spouses requires VA contractors to encrypt health data on laptops. The breach indicates that the “VA lacks focus on its primary responsibility of protecting veterans’ personal information,” Buyer writes in a May 12 letter to VA Secretary Eric Shinseki.
“We would like to express our deepest concern about the continued use of unencrypted devices within VA, despite the ongoing efforts to stop such use,” he adds.
It seems to me that if your medical practice is using laptops that are unencrypted, it is only a matter of time before you experience a security breach. Encrypting the hard drive of a laptop is neither very complicated nor is it expensive. My advice is to start looking into laptop encryption sooner rather than later.
Related posts:
[...] post: More unencrypted laptops stolen Posted in Computer, Laptops, Uncategorized | Tags: breach, health, hipaa-security, hitech, [...]