Health insurance provider Horizon Blue Cross Blue Shield of New Jersey has disclosed that the theft of two laptops from it’s main offices has exposed as many as 840,000 of their customer’s medical records.
The laptops, which had been locked down to staff workstations by means of cables, were discovered missing and the data they contained was determined to have been completely unencrypted.
“A detailed review led by outside computer forensic experts has confirmed that the laptops may have contained files with differing amounts of member information, including name and demographic information – for example address, member identification number, date of birth – and in some instances, a Social Security number and/or limited clinical information,” Horizon Blue Cross Blue Shield said in a statement.
“Due to the way the stolen laptops were configured, it is not certain that all of the member information contained on the laptops is accessible.”
The breach is set to go down as the second largest healthcare records data loss event in all of 2013, according to statistics maintained by the Department of Health and Human Services.
“The cost of encryption has come down and the government has higher expectations than ever before that you’re going to encrypt. And so no matter what physical safeguards you have in place, it’s becoming more challenging to convince the government that is was reasonable and appropriate not to encrypt,” said privacy expert and attorney Adam Greene
Read More Here…