620,000 reasons to encrypt

I’ve talked about it before and as an organization we’re constantly trying to tell people and organizations that encryption should be the first line of defense for data on portable devices such as laptops. And yet again, we’re seeing a huge data breach in Canada, this time in Alberta, due to a laptop being stolen and not being encrypted.

Yesterday it was announced that Medicentres Family Health Care Clinics in Alberta lost a laptop containing the Personal Health Information (PHI) of 620,000 Albertans. It’s a staggering number. However, the more staggering details around this breach are three-fold:

  1. The data was given to an IT consultant ‘working on an app’ that needed large amounts of data to test the app. The odds that consultant should have had access to those records are likely very low.
  2. The laptop with that data wasn’t secured or encrypted to prevent illegal access to the data.
  3. This breach happened in September 2013 and is only coming to light now – nearly 4 months after the fact

It’s hard to believe these things keep happening in the Great White North given recent fiasco involving Human Resources and Skills Development Canada. There’s really no excuse these days for breaches of this scale and there’s lot’s that could be done to prevent these things from happening.

This current breach in Alberta happened because there weren’t proper checks and balances in place. The PHI wasn’t handled properly by the organization and the consultant and it should never have been shared. The organization either did not have encryption in place or did not mandate it on the consultant’s laptop.

Now there are more questions than answers and over 600,000 people have to worry about their PHI floating out there for anyone to see (potentially). It’s a scary proposition and it’s clear the Alberta Government is taking this seriously. It’s unclear what repercussions Medicentres will face, but in looking at the brand damage, likely patient legal recourse and other things – it’s going to be an expensive mistake.

It’s a mistake that could’ve been prevented with data encryption software that would have cost a fraction of what they’ll have to pay for damage control and other potential penalties.

Previous Post
Trusted Computing Group Opal vs Enterprise SEDs
Next Post
Put On Your Thinking Cap

Related Posts

data breach

The Most Costly Data Breaches of 2015

Have you lost track of the number of data breaches that have taken place in 2015? Before the year draws to an end, it’s nearly a certainty that there will be more, and that they will be high profile. (more…)
Read more

Hidden Benefits of Encryption for Legal Services

Lately we have noticed a growing interest for encryption and data security in the legal services industry. Legal services face a similar challenge as other verticals with the need to protect corporate assets being shared through multiple devices and portals.…
Read more

SecureDoc 6.2 is here!

As we teased last week, we have been gearing for a launch today and that launch is SecureDoc 6.2. Now, it may not seem like a significant step from 6.1 to 6.2, but it’s more than just what’s in the…
Read more

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.

Menu