in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Update to Centerstone Breach Post (Updated)

I received a call from Centerstone regarding yesterday's post, which has since been deleted per their request, and to which I readily acquiesced because Centerstone already encrypts all of their computers in order to comply with patient data security regulations: since there is no data breach, there is no story.

To recap--since the original was deleted--I had assumed that Centerstone didn't use encryption on their devices: computers and documents were swept away when their offices were flooded in.   The incident was reported by Centerstone to the Department of Health and Human Services, and made public as a breach involving 500 or more people at the hhs.gov site.  This prompted me to assume the worst.

Miss Mindy Tobias, the Centerstone representative I spoke with, said that patient privacy and security is of paramount importance at Centerstone.  And, she backed up those words by revealing that the computers lost in the flood were encrypted.  Readers of this blog know that many organizations talk the talk when it comes to data security breaches, but rarely are they found walking it (if anything, they're usually found scrambling to do something after a breach).  Clearly, Centerstone is not such a company.

My apologies to Centerstone and thank you for setting the record straight.

Updated (01 DEC 2011): I have been asked, if the computer was encrypted as claimed, why is Centerstone's name up in the HIPAA "Wall of Shame"? I imagine that's due to the fact that paper files were lost in the flood as well. The HITECH Breach Notification Rule also covers the loss and theft of patient files on paper. If the flooding took away a computer, it's only likely that paper files were lost as well.

 
<Previous Next>

Drive Encryption Software Not Used, SunBridge Notifies 3830 Of Laptop Theft

Hard Drive Encryption Used On Lost Department of Labor Laptop

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.