Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Monday Morning Privacy 101

Posted in Data Breach, Data Breach Notification, HIPAA/HITECH, Uncategorized

Can you identify the major problems lurking in this one short paragraph?  We’ve given you some help.

The UCLA Health System has notified more than 16,000 patients of the theft of their PHI during a home invasion of a former employee.  The PHI was contained on an external computer hard drive and although the information was encrypted, the password, which was written on a piece of paper near the hard drive, is also missing.  The stolen information included names, addresses, and health information, however it did not include social security numbers or financial information. 

This is “bulletin board material” for privacy professionals who deal with complaints relating to security requirements.  Save it.  Print it.