Kaiser Permanente has a long and unfortunate history of having its patients' confidential data comprised by security breaches. And apparently, the HMO isn't very good at protecting its employees' confidential data, either.
On Friday, Oakland, Calif.-based Kaiser acknowledged that it's in the process of notifying nearly 30,000 Northern California employees of a security breach that may have exposed the type of confidential data stored in human resources departments.
That would most likely include Social Security numbers, which are generally regarded as a linchpin for perpetrating identity theft -- and a bonanza for crooks. And according to a report in the San Jose, Calif.-based Mercury News, some Kaiser employees have already reported identity theft activity related to the breach.
Kaiser said it was informed of the security breach by police in San Ramon, Calif., who found a computer file containing the Kaiser employee data while searching a suspect in an unrelated matter, a Kaiser spokesperson told Channelweb.com. The file didn't contain any patient data.
The suspect is not a Kaiser employee, and Kaiser has launched an internal investigation to determine the source of the breach, according to the spokesperson.
Although it's not clear how the latest breach occurred, in the past, Kaiser has been burned by the theft or loss of employee laptops containing confidential data. The Kaiser spokesperson said company policy requires the encryption of data on laptops and mobile devices, but declined to comment on whether data on the stolen file was encrypted.
According to Privacyrights.org, which maintains a chronological listing of data breaches, Kaiser has had confidential patient data compromised on four occasions in the last four years, all of them stemming from lost or stolen laptops.
In March 2005, The California Department of Managed Health Care slapped Kaiser with a $200,000 fine for exposing the confidential health information of 140 patients. In July 2006, a laptop containing data on 160,000 Kaiser patients was stolen, although the data didn't include Social Security numbers.
In November 2006, a stolen Kaiser employee laptop exposed personal data -- but not Social Security numbers -- on 38,000 patients in Colorado. And in February 2007, a Kaiser doctor's laptop was pilfered, this time leading to the exposure of 22,000 patient records, 500 of which included Social Security numbers.
|
10 Security Predictions For 2012 CRN looks into its crystal ball and sees Android, hactivisim and cyber-espionage as some of the top 10 security threats in 2012. |
|
10 Biggest Security Breaches Of 2011 The Top 10 Security Breaches of 2011 show hackers were relentless in their pursuit of profit, compromising computer systems of universities, video-game makers and the largest banks. |
|
The 10 Biggest Security Stories Of 2011 The 10 biggest security stories of 2011 showed that no one was safe from attack by cybercriminals, who target government, corporations, nonprofits and security vendors. |
 More
Slide Shows |
- Complete Security and Your Bottom Line: Sophos, Value and the Channel
- Tough Threats, Tougher Security: How You Can Leverage New Solutions To Combat A “Targeted Attack” Landscape
- Dark Clouds Ahead: Why the Mid-Market Needs To Ramp Up Cloud Security and How You Can Help Them Get There
- Remote Management and IT Security: Building Profits While Reducing Costs
