Monday Morning Privacy 101
Can you identify the major problems lurking in this one short paragraph? We've given you some help.
The UCLA Health System has notified more than 16,000 patients of the theft of their PHI during a home invasion of a former employee. The PHI was contained on an external computer hard drive and although the information was encrypted, the password, which was written on a piece of paper near the hard drive, is also missing. The stolen information included names, addresses, and health information, however it did not include social security numbers or financial information.
This is "bulletin board material" for privacy professionals who deal with complaints relating to security requirements. Save it. Print it.
Author
Cynthia J. Larose
Member / Chair, Privacy & Cybersecurity Practice
Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.