NIH to crack down on encryption

Mary Mosquera reports on FCW:

The director of the National Institutes of Health has notified employees to expect random computer audits as the agency works to ensure full compliance with its security policies. NIH discovered that a stolen laptop PC belonging to NIH contained medical data and Social Security numbers of 1,200 patients involved in medical research.

The theft of the unencrypted laptop was a major violation of NIH’s commitment to protect the confidentiality of patients, Dr. Elias Zerhouni, the agency’s director, said in a memo sent to all NIH employees.

NIH originally believed that no Social Security numbers were on the missing laptop, but an investigation of backup files proved otherwise. NIH is sending letters to notify those who might be affected. NIH is offering free credit monitoring and insurance for as much as $20,000 in losses for patients affected by the incident, an NIH spokeswoman said.

Full story – FCW

About the author: Dissent

Comments are closed.