Skip to main content

Author: Crown Information Managment

Security tips for smart phones

5 ways to protect your phone today . . .

SECURITY TIPS for SMART PHONES

Your smartphone holds all of your personal information and in the wrong hands can cause damages that you may never recover from. Does yours even have the lock activated?

Here are 5 ways to protect your phone today:
Don’t leave your phone unattended.
Install a password on your phone.
Activate tracking and remote wiping.
Be cautious when downloading unknown Apps.
Avoid FREE WI-FI, ask your provider about tethering.

Scheduled Disposition

Importance of establishing records retention schedules . . .

A records retention schedule is only as good as the retention program it supports.  Help your clients understand that records retention is an important component of many of the laws with which most corporations must comply.  Sell the program, not the schedule, and you will have dedicated clients . . . READ ARTICLE by Marylee Jacobs

 

MA Firm to Pay Civil Penalties

Property Management firm fined $15,000 after Data Breach of laptop containing personal information . . .

The Massachusetts Attorney General announced that a property management firm was fined $15,000 after the theft of a company laptop containing the personal information of over 600 Massachusetts residents.

According to the Massachusetts Attorney General, an employee of the property management company had a laptop containing unencrypted personal information stolen from her car during the night. This incident was found to be in violation of Massachusetts’ Data Breach Regulation.

In addition to paying $15,000 in civil penalties the company must:

  • Ensure that personal information is not unnecessarily stored on portable devices;
  • Ensure that all personal information stored on portable devices is properly encrypted;
  • Ensure that all portable devices containing personal information are stored in a secure location; and
  • Effectively train employees on the policies and procedures with respect to maintaining the security of personal information

 

HIPAA NEWS UPDATE

More than twice as many individuals have been affected by healthcare data breaches in 2013 than in 2012 . . .

So far, more than twice as many individuals have been affected by healthcare data breaches in 2013 than in 2012. And the main reason is a handful of mega-breaches. The very scary part is that three large, highly publicized data breaches have not been tallied yet. If confirmed the tally of individuals affected by breaches could surge by almost a million!  Not yet included on the 2013 list so far are:

Horizon Blue Cross Blue Shield of New Jersey:  This breach included the theft of two unencrypted desktop computers from the company’s headquarters which affected nearly 840,000 individuals.

The University of Washington Medicine:  This breach affected 90,000 patients.

Cottage Health System in California:  This breach affected 32,500 people who had their personal health information exposed on Google due to a business associate whose servers were not appropriately protected.

The key to preventing healthcare data breaches includes conducting a thorough risk analysis to identify security risks; encrypting computing devices, especially mobile devices and minimizing the amount of sensitive data stored on end-user’s devices.

Key steps to preventing healthcare data breaches of all sizes, experts say, include conducting a thorough risk analysis to identify security risks; encrypting computing devices, especially mobile gear; and minimizing the amount of sensitive data stored on end-users’ devices.

Taxes and Identity Theft

Call the IRS and inform them you believe you are a victim of identity theft . . .

Call the IRS and inform them you believe you are a victim of identity theft. (Often the way you will find out that something is amiss is when you don’t receive your refund check. It may have been issued to the thief who has assumed your identity).
Fill out IRS Form 14039 and fax or mail back to IRS.
Contact the Social Security Administration. If you contact them by phone they will tell you to contact the Federal Trade Commission.
Contact the Federal Trade Commission (877-438-4338). After you contact them by phone, you will be sent an Identity Theft Complaint Affidavit.
Contact your local police department and tell them you have been a victim of identity theft. Make sure you get a case number and follow up in a few days to get the full police report.
Contact one of the three credit bureaus: Equifax at 800-525-6285, Trans Union at 800-680-7289, or Experian at888-397-3742.
Tell them you are entitled to make a victim-of-fraud statement that will be put into your credit history. In my limited experience, Equifax the most helpful; they worked diligently to make sure I was taken care of. The service representative reviewed my credit to see if any fraudulent accounts had been opened. Fortunately I was OK.

Review your credit reports once every couple of months and look for any errors or fraud. All three companies offer a service at varying degrees of cost. Remember you are entitled by law to a free copy of your credit report at least once a year.

Don’t forget to send them a full copy of the police report. They will need this to keep your fraud alert on file for more than 90 days. All three companies are required to pass on your victim statement to the other two bureaus; however it is probably a good idea to call all three after a few days to follow up.

 

Community Health Systems Breach Hits Close to Home

CHS plans to notify affected patients and offer protection…

Community Health Systems (CHS), a large network of hospitals says hackers have stolen the personal information of 4.5 million patients, including patients in Florida. Community Health Systems (CHS) operates more than 200 hospitals across the country, 26 in Florida, and 12 in the Central Florida area. The company said hackers from China broke into its computers and stole the names, Social Security numbers, birthdates, addresses and telephone numbers of the patients.

The patients affected by the cyber-attack are patients who were referred to, or seen at some physician practices affiliated with some of Community Health System hospitals. Filing with the U.S. Securities and Exchange Commission, the company says the attack happened in April and June of last year. Community Health Systems Inc. says they have removed all of the malware from its network and added protection against future attacks. The company confirms none of the stolen data included credit cards or medical information.
CHS said it plans to notify the affected patients and offer identity theft protection.

 

Community Health Systems Breach Hits Close to Home

CHS plans to notify affected patients and offer protection…Community Health Systems (CHS), a large network of hospitals says hackers have stolen the personal information of 4.5 million patients, including patients in Florida. Community Health Systems (CHS) operates more than 200 hospitals across the country, 26 in Florida, and 12 in the Central Florida area. The company said hackers from China broke into its computers and stole the names, Social Security numbers, birthdates, addresses and telephone numbers of the patients.

The patients affected by the cyber-attack are patients who were referred to, or seen at some physician practices affiliated with some of Community Health System hospitals. Filing with the U.S. Securities and Exchange Commission, the company says the attack happened in April and June of last year. Community Health Systems Inc. says they have removed all of the malware from its network and added protection against future attacks. The company confirms none of the stolen data included credit cards or medical information.
CHS said it plans to notify the affected patients and offer identity theft protection.

 

FL Jury Finds Pharmacist Guilty of HIPAA Violations

Awards $1.44 Million . . .

A Marion County jury awarded a woman $1.44 million after a four day jury trial. The lawsuit alleged Audra Peterson, a pharmacist at a Walgreens store, improperly reviewed the prescription history of Abigail Hinchy, and divulged that confidential information to her husband, Davion Peterson, who has a child with Ms. Hinchy. The lawsuit spun out of a tangled relationship between the pharmacist, her husband and the man’s ex-girlfriend.
“As a provider of pharmaceutical service, defendant Walgreens Co. owes a non-delegable duty to its customers to protect their privacy and confidentiality of its customers’ pharmaceutical information and prescription histories,” Ms. Hinchy claimed in the lawsuit.
Walgreens was negligent in training and supervising Peterson, the suit said, while Peterson breached her statutory and common law duties of confidentiality and privacy to Ms. Hinchy.

 

Florida Raises the Bar on Data Privacy

Security and breach notification with passage of new law… On June 20, 2014, the “Florida Information Protection Act of 2014” (FIPA) was signed into law by Florida Governor Rick Scott, after it received unanimous support by the legislature. FIPA will take effect on July 1, 2014 and will replace Florida’s existing data breach notification law. FIPA dramatically increases the breadth of Florida’s data breach notification law.

  • Shorter timeline to notify
  • Expanded definition of “Personal Information”
  • FIPA applies to “covered entities” – healthcare or not
  • Mandatory notice to Florida Attorney General and production of proactive measures
  • Proactive measures are now required
  • Federal regulatory exemption
  • Third-party vendor notification
  • Unfair and deceptive trade practices Statute may be used