The Information Security Corner With Bob Shaffer
The U.S. Department of Health and Human Services reports that, since 2009, there have been 435 data breaches involving the unauthorized disclosure of more than 20 million records containing Protected Health Information (PHI). Nearly fifty percent of these breaches involved the loss of a laptop or another type of portable device.
The University of Texas System has not been immune to these unfortunate incidents. According to www.privacyrights.org, there have been 20 reported data breaches at various UT institutions since 2005. The most recent was reported on June 28, 2012, which involved the theft of an unsecured laptop containing 30,000 patient records.
We cannot consider 20 data breaches over the course of seven years isolated incidents; they are a reoccurring problem, which must be addressed immediately.
Dr. Kenneth Shine, UT Executive Vice Chancellor for Health Affairs, has directed UT Healthcare institutions to encrypt all laptops by August 31, 2012, regardless of their intended use, or types of data which may be stored on them. This directive also applies personally-owned laptops that are used to conduct UTMB business.
Fortunately, most UTMB laptops have been encrypted over the course of the past year. To validate that your laptop has been encrypted, look for the blue lock icon in the tray at the bottom right of your screen. If the blue lock icon is present, no further action is required.
If your laptop does not have the blue lock icon, or if you’re unsure of its encryption status, please contact the Information Services Helpdesk at x25200.
Please be advised, on September 1, 2012, all unencrypted laptops will be physically or logically removed from the network.For further information, please contact the Information Services Helpdesk at x25200 or visit our website at http://www.utmb.edu/infosec/encryption/index.asp.
Robert V. Shaffer Jr.