Encryption Beefed Up After 2 Breaches

Sunbridge Healthcare Reports Laptop, Blackberry Stolen
Encryption Beefed Up After 2 Breaches
A national chain of 200 long-term care and rehabilitation facilities has beefed up its use of encryption following two recent breach incidents involving the theft of unencrypted computer devices.

Sunbridge Healthcare Corp., Albuquerque, N.M., reports that a laptop computer containing information on 3,830 residents in 10 states was stolen May 11. Information on the device included names, medical record numbers, dates of service, clinical data and Social Security and health insurance numbers.

In a second incident on June 26, a Blackberry device containing information on 1,000 residents from eight Georgia facilities was stolen. In this case, the information included names, dates of birth, medical record numbers, dates of service and clinical data.

Sunbridge reported both cases to local law enforcement authorities, and there is no evidence the information on the devices has been misused, the company reports.

"The company's internal encryption practices have been strengthened to ensure that no laptop computers are issued to employees without encryption software installed," the nursing home chain said in a statement on the May incident.

"The company has encrypted and password-protected all Blackberry personal digital assistants and has reinforced with all the staff the proper protocols required to maintain the security of personal information," according to a statement about the June incident.

The latest incident was added Sept. 10 to the list of major breaches compiled by the Department of Health and Human Services' Office for Civil Rights.

Sunbridge notified the office, as well as individuals who could be affected, of both incidents as required under the HITECH Act breach notification rule. It offered the patients involved ID theft protection services from Kroll Inc.


About the Author

Howard Anderson

Howard Anderson

News Editor, ISMG

Anderson is news editor of Information Security Media Group and was founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.