NIH to crack down on encryption
Mary Mosquera reports on FCW:
The director of the National Institutes of Health has notified employees to expect random computer audits as the agency works to ensure full compliance with its security policies. NIH discovered that a stolen laptop PC belonging to NIH contained medical data and Social Security numbers of 1,200 patients involved in medical research.
The theft of the unencrypted laptop was a major violation of NIHâ€™s commitment to protect the confidentiality of patients, Dr. Elias Zerhouni, the agencyâ€™s director, said in a memo sent to all NIH employees.
NIH originally believed that no Social Security numbers were on the missing laptop, but an investigation of backup files proved otherwise. NIH is sending letters to notify those who might be affected. NIH is offering free credit monitoring and insurance for as much as $20,000 in losses for patients affected by the incident, an NIH spokeswoman said.
Full story – FCW