BreachExchange mailing list archives
KHPA informing consumers of an alleged loss of data CD
From: Dissent <Dissent () pogowasright org>
Date: Fri, 23 Mar 2007 20:08:25 -0400
Sounds more like data misplacement than loss, and wouldn't post it to DL at this time, unless you want to...? Giving you the whole article, because as I read it, it seems like overkill...? Don't even have numbers... http://www.49abcnews.com/news/2007/mar/23/khpa_informing_consumers_alleged_loss_data_cd/ The Kansas Health Policy Authority (KHPA) began notifying a small number of individuals that a computer disk containing information about their health records and identity may have been lost within the agency. A letter sent to the affected individuals should be received in the mail Friday. The password-protected disk was mailed to the KHPA by a company that helps process information about people receiving benefits. KHPA did receive the package with the disk, but the disk did not reach the person who was supposed to receive it. There is no evidence that the disk went beyond our office, the password was broken, or any information was taken off the disk. "The security of our customers' personal information is a serious matter and of the utmost concern to KHPA. We will continue to investigate this incident, and we have begun to further strengthen our standards of security," said Marci Nielsen, PhD, MPH, Executive Director of KHPA. "At this point, we have no reason to believe the CD has been taken for anyone's personal gain through use of the personal information contained on the CD." The KHPA's offices are secure. Employees and visitors must enter with a pass key or pass by a receptionist. Visitors are always escorted. KHPA is taking every step to ensure that individuals' information is kept private and is not compromised Friday and in the future. KHPA has conducted its own investigation, and as a result, is changing how it manages mail and other processes. Even though KHPA has a privacy officer, the agency will hire an additional person to help protect the privacy and security of customers' information. "The Board's Executive Committee was informed of this issue once we became aware of the situation. As an added precaution, I asked the Kansas Attorney General and the Kansas Bureau of Investigation to conduct an investigation. Their findings support our belief that the disk has been lost within the agency, and it is nothing more than simple human error," said Nielsen. Although KHPA does not believe someone outside the office has gained access to the information on the disk, the letter sent to individuals today includes steps as to what they can do to protect their private health and identity information. For individuals who have been affected by this lost data disk, a support line has been established at 785.296.3981. As a precaution, individuals who call for additional information will be asked to provide the customer identification number listed on the letter. -- Main site: http://www.pogowasright.org Main RSS feed: http://www.pogowasright.org/backend/pogowasright.rss Breaches RSS feed: http://www.pogowasright.org/backend/breaches.rss _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 158 million compromised records in 601 incidents over 7 years.
Current thread:
- KHPA informing consumers of an alleged loss of data CD Dissent (Mar 23)
- Re: KHPA informing consumers of an alleged loss of data CD lyger (Mar 23)