Data Encryption: Delaware Passes Law That Requires Destruction Of PII.

Delaware has passed a law (which becomes effective on January 1, 2015) declaring that “commercial entities” must destroy any personally identifiable information (PII) belonging to consumers that is “no longer to be retained by the commercial entity.”  In other words, when disposing of PII, commercial entities must destroy customers’ information.  Of course, like most legislation, […] read more

HIPAA Encryption: A Tale Of Two HIPAA Breaches.

I find it fascinating that two different companies can have such disparate reactions to a PHI data breach that occurred under similar conditions.  Consider two entries at phiprivacy.net, where computers were stolen, triggering a HIPAA breach (obviously, the use of managed HIPAA encryption software like AlertBoot was neglected; otherwise, there wouldn’t be a HIPAA breach). […] read more

HIPAA Encryption: RI Hospital Settles With MA Attorney General For $150K.

Women & Infants Hospital of Rhode Island has settled with the Massachusetts Attorney General’s office over a 2012 data breach that ended up affecting more than 12,000 people in Massachusetts.  The hospital has agreed to pay $150,000 – $110,000 in civil penalties, $25,000 for attorney’s fees, and $15,000 to a fund – and agreed to […] read more

HIPAA Desktop Computer Encryption: Bay Area Pain Medical Associates Has HIPAA Breach.

Another incident that shows the importance of using HIPAA encryption software on desktop computers.  In addition, it shows why full disk encryption is preferential to file encryption. Medical Establishment Break-in Bay Area Pain Medical Associates, according to phiprivacy.net, has contacted patients that three desktop computers with patient data were stolen in May of this year.  […] read more

Medical Laptop Theft: Is It Really The Hardware They’re After?.

Penn Medicine Rittenhouse has contacted approximately 600 people, alerting them of a data breach. It’s one of those instances where advanced IT couldn’t have really helped (paper documents were stolen), but it does lend to the following question: are we to really believe that laptop thefts from medical establishments are for the hardware and not […] read more

TrueCrypt is dead — and that might not be a bad thing.

TrueCrypt recently shut its doors and offered little explanation to its users. Was its software secure or subject to illegal activity? What were the implications of the company’s closure?  Clients depend on reliable security to keep their information safe. However, many organizations think it’s cost-efficient to use open-source data encryption software. This could end up […] read more