Information Managers
  • Home
  • Services
    • All Services
  • Templates
  • Blog
  • Contact Us
  • Practice Management Success
  • Podcasts

Preventing a Privacy Breach Is Less Expensive Than Managing A Privacy Breach!

Prevent privacy breach

Sharing is caring!

0 shares
  • Share
  • Tweet
  • LinkedIn
  • Email

Do you have a privacy breach awareness program in place in your healthcare practice? Spotting a privacy breach is the first step to stopping a privacy breach. You Can Use This Privacy Breach Example to Review and Improve Your Practices.

In May 2018 an employee of the NWT was travelling on business in Ottawa.

The employee left the laptop in a locked vehicle. The laptop was stolen. The employee thought that the laptop had been encrypted; however, in the investigation it was determined that the laptop was not encrypted.

Loss of Control of Health Information

The employee had authorized access to the health information to perform statistical analysis for their job. The employee thought that the laptop was encrypted and that it had a secure password.

Later, when the theft was reported to the NWT Health Department and an internal investigation was conducted, it was determined that the laptop had not been encrypted.

There was a large amount of data on the laptop – an estimated 80% of the NWT's population might be affected by the breach.

Apparently, the laptop has not been recovered.

In 2018, the NWT Privacy Commissioner reported the investigation.

In February 2019, the investigation about the incident is still being reported in the media! The NWT Health Department has provided reams of information about the information that was included in the breach.

This breach was entirely preventable.

Keep this story in mind when you are trying to determine the return on investment to purchase a robust privacy and security management plan for your mobile devices and remote access to health information.

You can pay a little more now and ensure that your devices are securely encrypted with secure access and remote-wipe abilities and privacy awareness training . . . or you can pay over and over again for an investigation and bad publicity that never ends!

Privacy Breaches – What You Need to Know

  1. Preventing a privacy breach from common sources of risk is usually far more cost effective than managing the privacy breach investigation!
  2. Password protection of your laptop, smart phone, or USB device is NOT the same as encryption. Make sure that your mobile devices are encrypted. If you are not sure, find out from a reputable certified IT technician.

When we know better, we can do better…

I’ve helped hundreds of healthcare practices prevent privacy breach pain like this. If you would like to discuss how I can help your practice, just send me an email. I am here to help you.

Jean L. Eaton, Your Practical Privacy Coach

Register for the FREE Training Video "Can You Spot the Privacy Breach?"

References and Resources

N.W.T. employee dug through planters, trash to find stolen laptop, weeks after privacy training. Priscilla Hwang · CBC News · Posted: Feb 26, 2019   https://www.cbc.ca/news/canada/north/stolen-laptop-nwt-security-details-ottawa-1.5024775 

#PrivacyBreach, encryption, Prevent privacy breach, stolen laptop

Privacy Policy

Copyright 2023 Information Managers Ltd.

0 shares
Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}