Categories

• Automation
• Compliance
• Consolidation
• Data Protection
• Networking News
• News
• RAID
• Security News
• Sencilo News
• Storage News
• Uncategorized
• Vendor News
• Virtualization

Archived by Date

• February 2010
• January 2010
• December 2009
• November 2009
• October 2009
• September 2009
• June 2009
• May 2009
• April 2009
• March 2009
• February 2009
• January 2009
• December 2008
• November 2008
• October 2008
• September 2008
• August 2008
• July 2008
• June 2008
• May 2008
• April 2008
• March 2008
• February 2008
• January 2008

Lack of Basic Security allows BlueCross and BlueShield to loses 500,000 members Health and Financial Records - January 19, 2010

Orlando Florida -- BlueCross and BlueShield of Tennessee has announced it has so far notified more than 157,000 members of the theft of identifiable data in early October that affected an estimated 500,000 members. The Chattanooga, Tenn.-based insurer announced the theft within days of its occurance. It started notifying members in early December as evidence that their information was on stolen files surfaced during an investigation that continues.

In October, 57 hard drives containing audio and video files were stolen from a leased facility that previously housed a call center and was in a transition stage with some employees still working at the facility. The files related to coordination of care and eligibility phone calls from providers and members. The video files were images from computer screens of customer service representatives and the audio files were recorded telephone conversations. The stolen material included an estimated 1.3 million audio files and 300,000 video files.

The files contained demographic information and BlueCross ID numbers. They also contained diagnostic information and Social Security numbers for many of the affected members. The files were encoded, which is a process of converting data by use of a code to make it unreadable, but not encrypted, which changes plain text into ciphertext, or characters, using algorithms and a key.

The plan hired New York security firm Kroll Inc. to review backup files and identify affected members, conduct forensic data matching to determine the data at risk for each member, and to assess BCBS of Tennessee's systemwide security. The plan "has taken several actions to strengthen these protocols," the company said in a Jan. 13 statement updating its progress. Among the changes is a requirement now that all data resides in properties that BCBS of Tennessee owns, according to a spokesperson.

The theft occurred on Oct. 2 and the plan learned about it on Oct. 5. Work to identify and match data began on Oct. 7. The plan and Kroll completed an audit of back-up files on Jan. 4 with analysis of the data continuing. Notification letters to affected members started on Dec. 7.

We have seen this all before, companies like Blue Cross and BlueShield thinking that it would not happen to them, well it did and it will happen again if they don't improve their in-house security, says Brian McCarthy CEO for Sencilo HealthIT Solutions. This will be more and more common place in the news, now that there are laws requiring sloppy firms that do not protect their clients informations, blasts McCarthy. Whether you are a large company or a small doctors office you are required by law to keep client information protected or face large fines and lawsuites. Just ask the CIO of BlueCross how much this will cost them, if their straight with you it will be in the tens of millions, says McCarthy.

As of Jan. 7, the insurer has identified 220,000 members at highest risk and has notified more than 157,000. These members had their Social Security number among the data that was stolen. The plan remains in the process of identifying and notifying additional members at lower risk because their Social Security numbers were not among the data. All affected members will receive free credit monitoring and identity theft protection services for one year, with enhanced services for those with compromised Social Security numbers.

For more information please call (407) 641-5199 or visit us at: http://www.sencilo.com and let us "Uncomplexify your Information Tecnology"

Why Sencilo HealthIT Solutions
When it comes to your healthcare computing needs, Sencilo HealthIT Solutions's main objective is to provide a turnkey solution that can essentially sustain itself. When you choose Sencilo HealthIT Solutions, you don't just gain a vendor who provides you with technology. You get a business partner who walks with you through every step of the process

Sencilo HealthIT Solutions eHealthcare Architecture: More than technology
With Sencilo HealthIT Solutions eHealthcare Architecture, you can leverage the same productivity tools and technology resources that have transformed business. And you get a full portfolio of services too. By working with Sencilo HealthIT Solutions, you can get:

A dedicated customer team
A website customized for your institution
A full portfolio of robust solutions
Easy setup, implementation and maintenance
Simple ordering and delivery
Technology training
Flexible financing options


Sencilo HealthIT Solutions Professional Services makes it easy

In addition to providing high-quality technology at a low cost, Sencilo HealthIT Solutions Professional Services can help you plan your healthcare computing from the ground up. By working with you from the initial construction phases, we can help you save time and money and lead to a truly customized solution.

Sencilo HealthIT Solutions Professional Services offers complete services that include:
Design
Procurement
Installation
Training
Maintenance
Support

About Us

Sencilo HealthIT Solutions is a Florida-based integrator specializing in EHR Cost Cutting storage, security and managed services solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including Allscripts, VMware, Dell Fujitsu Data Domain, EMC, Hitachi, Symantec, HDS, IBM, Commvault, Xiotech and HP.

Sencilo has offices throughout Florida including: Orlando Lake Mary Daytona, Medical City

solutions include BC DR planning Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security "meaningful use" "meaningful usage" EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Network Backup appliance Data Recovery Backup Health IT Healthcare IT Digital Hospital Allscripts Patient Data electronic health record P4P rules and the HITECH Act PayerView Rankings practice management tools $44,000 in Medicare or $66,000 in Medicaid from the American Recovery and Reinvestment Act eClinicalWorks, Allscripts, NextGen, GE Centricity, and Meditech Electronic Healthcare IT Medical Records EHREHR Clinical Practices eClinicalWorks Allscripts Florida EMR, EHR, electronic medical record, health, records, practice management systems solutions, medication services, PHR Otolaryngology, Orthopaedics, Pain Nuerosurgery, Urology, Ophthalmology, Cardiology, Billing, Appointment Scheduling, clinicalworks, eClinicalWorks, solutions for physicians, hospitals, clinical education and medical services Computerized Patient CPR, Order Entry, CPOE, Document Clinical Information Informatics, Computer-based, SOAP, HIT, Healthcare Encounter Forms, web based, online, clinical rules database, electronic prescribing, e-prescribing, eprescribing, athenaClinicals, certified EMR, certified EHR, HITECH Act VAR Reseller Dealer hipaa privacy doctor, healthcare performance management, data security, hosting, arra, free, InterFAX, MyWay, HIPPA, EasyPayMedicare, MedicAID, SureScripts, FNC, billing, superbill iMedica Tiger on Windows, eprescribe pqri simple practice management revenue cycle e-cw e-clinicalworks greenway emds nextgen ge sage athena epic klas Dragon NaturallySpeaking speech recognition Google Health, Microsoft Healthvault Health Internet certified "meaningful use" violations