DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

U.S. HealthWorks notifying employees of laptop theft

Posted on June 1, 2015 by Dissent

U.S. HealthWorks, a Dignity Health member, is notifying employees that one of their fellow employees screwed them by  leaving a laptop with their unencrypted name, address, date of birth, Social Security number, and job title in a car, from where it was stolen overnight.

Well, they don’t describe it that way, but that’s the net result, isn’t it?

The theft occurred on April 21, and U.S. HealthWorks learned of it on April 22nd.

Why the employee left a laptop with their unencrypted information in a car overnight was not explained.

Why the data were unencrypted was unexplained.

The number of employees affected was not disclosed.

Whether the employee was disciplined in any way for this was not mentioned.

But U.S. HealthWorks wants its employees to know that it is “committed to maintaining the security and confidentiality of our employees’ information” and that the laptop was “password protected.”

U.S. HealthWorks also wants its employees to know that it has no reason to believe any of the information has been accessed or misused, although they don’t state whether there was any software on the laptop that would phone home in the event of access.

They also want employees to know that in “an abundance of caution,” they are offering said employees one year of Experian’s ProtectMyID service.

(How many stock phrases can their notification letter contain?)

Going forward, U.S. HealthWorks will “enhance” their procedures related to deployment of laptops and full disk encryption. It is not clear from that wording whether there was actually any encryption policy in place at the time of this incident that was violated and whether the laptop in question was supposed to have been using FDE.

They will also implement regular surveys or audits to help ensure compliance with their laptop policy.

 

 

???? ???????????? ??? ?????????? ??? ???????????? ???? ????????? ???? ???????????????? ??? ???? ??????????? ????????????? ????????????????????????????????????????????????????????????????????????????????????????????

Category: Commentaries and AnalysesHealth DataTheftU.S.

Post navigation

← Will standing remain an obstacle to data breach lawsuits in the 7th Circuit?
New York State Office of Mental Health Nathan S. Kline Institute for Psychiatric Research notified over 500 of lost laptop →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Montana Attorney General launches investigation into Lee Enterprises data breach
  • AT&T gets preliminary approval for $177 million data breach settlement
  • Aflac notifies SEC of breach suspected to be work of Scattered Spider
  • Former JBLM soldier pleads guilty to attempting to share military secrets with China
  • No, the 16 billion credentials leak is not a new data breach — a wake-up call about fake news (Updated)
  • Tonga’s health system hit by cyberattack (1)
  • Russia Expert Falls Prey to Elite Hackers Disguised as US Officials
  • Proposed class action settlement in In re Netgain Technology litigation
  • Qilin Offers “Call a lawyer” Button For Affiliates Attempting To Extort Ransoms From Victims Who Won’t Pay
  • Ireland’s Data Protection Commission publishes 2024 Annual Report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data
  • US Judge Invalidates Biden Rule Protecting Privacy for Abortions
  • DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
  • 23andMe fined £2.31 million for failing to protect UK users’ genetic data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.