A laptop computer with information on 7,000 patients was stolen from locked office. It sounds like hard disk encryption was not used to protect the contents of the laptop. However, encryption may not have been necessary in this case, seeing how the information was deleted. Sort of.
An employee working at the CCHHS Administration building reported the laptop missing. The computer contained at one point names, dates of birth, Social Security numbers, and administrative codes for approximately 7,000 patients. It is mentioned that password-protection was used (I've already covered earlier this week why password-protection is anything but). Whether the likes of encryption software like AlertBoot was used is not mentioned, although CCHHS has announced that they've already strengthened encryption practices in their organization. Does that mean new deployments of encryption? Or does it mean that old encryption was upgraded? Or what does it mean?
An employee working at the CCHHS Administration building reported the laptop missing. The computer contained at one point names, dates of birth, Social Security numbers, and administrative codes for approximately 7,000 patients.
It is mentioned that password-protection was used (I've already covered earlier this week why password-protection is anything but). Whether the likes of encryption software like AlertBoot was used is not mentioned, although CCHHS has announced that they've already strengthened encryption practices in their organization.
Does that mean new deployments of encryption? Or does it mean that old encryption was upgraded? Or what does it mean?
This confusing language also extends to whether there was any data on that laptop: Investigators also found that information has since been deleted from the computer, but may still be on the internal memory, the release said. [myfoxchicago.com] What does this mean? I guess it's alluding to the fact that, when you delete data, you don't really delete data. I mean, there is a reason why data recovery software works (and it's not magic): when you empty the "trash bin" on your computer's desktop, what you're really doing is deleting the instructions for finding a file. The file with the data still exists at that point; it is recoverable. However, deleting the instructions for finding files also frees that space on the computer's hard drive to be used again, meaning that it will be written over with a new file at some point. At that point, the data really is gone. Unless it's written over, "deleted" files can always be recovered. Of course, none of this would be an issue if disk data encryption had been used. In a way, what you're really doing with encryption is continually re-writing information. Encrypted data is jumbled-up data in its natural state. Provide the correct password and that jumbled-up data is rewritten into information that makes sense. Turn off your computer, and the information goes back to its jumbled-up state.
This confusing language also extends to whether there was any data on that laptop:
Investigators also found that information has since been deleted from the computer, but may still be on the internal memory, the release said. [myfoxchicago.com]
What does this mean? I guess it's alluding to the fact that, when you delete data, you don't really delete data. I mean, there is a reason why data recovery software works (and it's not magic): when you empty the "trash bin" on your computer's desktop, what you're really doing is deleting the instructions for finding a file.
The file with the data still exists at that point; it is recoverable. However, deleting the instructions for finding files also frees that space on the computer's hard drive to be used again, meaning that it will be written over with a new file at some point. At that point, the data really is gone. Unless it's written over, "deleted" files can always be recovered.
Of course, none of this would be an issue if disk data encryption had been used. In a way, what you're really doing with encryption is continually re-writing information. Encrypted data is jumbled-up data in its natural state. Provide the correct password and that jumbled-up data is rewritten into information that makes sense. Turn off your computer, and the information goes back to its jumbled-up state.
Related Articles and Sites:http://www.databreaches.net/?p=13414http://www.chicagobreakingnews.com/2010/08/details-of-7000-cook-county-patients-may-be-on-stolen-hospital-laptop.htmlhttp://www.myfoxchicago.com/dpp/news/metro/cook-county-hospital-patients-identity-info-stolen-missing-laptop-20100820