Jury awards woman $30k after physician ex-husband illegally accessed her medical data

beckershospitalreview.com

“Avera was also named in the suit, but the jury decided not to hold the hospital liable since Avera argued Dr. Krouse violated its policies by using login credentials of other employees to access Ms. Krouse’s medical information.”

Case and point, pins and passwords do not protect anyone or anything. You simply never know who is using them because they do not uniquely identify you.

 

UW Health and former employee sued over unauthorized medical record access

host.madison.com

“Lucey (former billing specialist Kila Lucey) accessed 2,629 individual records of the 19 people without their knowledge or permission.”

“Brunette (UW Health spokeswoman Lisa Brunette) said that all UW Health employees are trained in policies related to the privacy and security of patient information. Only employees who have work-related reason to access patient information are granted access to UW Health’s electronic medical record system. UW Health conducts regular audits to ensure that employee access is in accordance with these policies.”

Another great example of how current due diligence to protect patient records is clearly not working. It’s far too easy for employees to access records they shouldn’t and for businesses to drop the ball on conducting effective audits to manage the problem.

It is time we give the most important asset-the patient-the protection, privacy and security they deserve.

The FTC On Identity Fraud’s Biggest Threat

pymnts.com

“Accounts being taken over is becoming a less challenging threat than fraudulent accounts and synthetic identity frauds, where stolen data is attached to fabricated accounts and identities. Because in those cases, the merchant and the creditor don’t know you, outside of the authentication information you provide up front.”-John Krebs (Manager of Identity theft program at Federal Trade Commission (FTC)

For businesses to know you, they need to be able to identify you, not authenticate or verify. At TASCET, we have created a process that uniquely identifies individuals to ensure one person, one identity. The process ensures an individual is not attributed to multiple or synthetic identities, whether through human error or an attempt at fraud. In other words, nobody can be you but you.

Equifax Just Changed the Rest of Your Life

nerdwallet.com

“Credit freezes lock down your credit reports in a way that should prevent “new account fraud,” or bogus accounts being opened in your name. But there are so many other ways the bad guys can use the information they stole, which included Social Security numbers, birthdates, addresses and some driver’s license numbers. Others include:

  • Stealing your tax refund and preventing you from filing returns by submitting fake ones
  • Using your information to get health care, which can result not only in medical collections on your credit reports but a stranger’s health information getting mixed in with your records
  • Giving your identification to the police when they get arrested, creating criminal records that could land you in jail or prevent you from getting a job
  • Filing for bankruptcy in your name or transferring deeds of property you own.”

As consumers, we continue to pay the price for the inadequate investment that companies have made to ensure our identities and identifying data are safe and secure. At a minimum, we should be demanding that our banks, hospitals and shopping centers adopt new technology and systems that will do this.

TASCET’s standard identification process provides not only the ability for companies to uniquely identify their customers, clients and patients, but also to make their identity anonymous and data useless to potential hackers in the event of a breach.

The White House and Equifax Agree: Social Security Numbers Should Go – Bloomberg

bloomberg.com

Finally. Is now the time to remind everyone that the SSN was never meant to be used to verify identity? The SSN doesn’t need to be replaced for its intended purpose – to track income for tax purposes. Somewhere along the way, things went awry. Remember when SSNs were on our driver’s licenses?? How about your college ID? The digital age hit and everything went digital, except our identities. They’ve stayed cemented in information and documents, and fraud has flourished. The SSN doesn’t need to be replaced. We need a new system of identity and identifiers, and it’s being adopted.

By Brenda Sorenson

Senior Vice President, Tascet

Secured2 and TASCET Launch Algo5, Providing the Five Components Needed to Secure Data in Today’s High Risk Environment

Algo5 secures data from internal and external threats, allowing access and retrieval only by known authorized users.

MINNEAPOLIS, Minn. & MADISON, Wis. – Secured2 Corporation and TASCET today announced the launch of Algo5, a proprietary security platform to protect data from threats (breaches, hacks and disasters) resulting from both internal vulnerabilities and external sources.

Secured2 protects data from document origination to the endpoint (cloud, local storage or hybrid) through its solution, Beyond Encryption. TASCET, an identification company, implements a proprietary process to ensure one person, one identity through SuperToken. Together, they enable companies in any industry to offer the most secure end-to-end data storage solution available today.

Algo5 provides all five of the crucial components necessary to secure data in today’s high risk environment.

Security breaches suffered across industries are driving the need for an advanced solution. Algo5 provides security and cost savings by shrinking and shredding data, then dispersing it among numerous locations, with each location separately encrypting the data. The data can be accessed and retrieved only by users who are authorized and known through a SuperToken.

“There are too many weak points in the way data is stored and accessed today,” said Daren Klum, CEO of Secured2. “Without Algo5, the risks are simply too high. Algo5 brings together two technologies – identification and data security at the file level – that are changing the way companies store, access and retrieve data.”

SuperToken establishes the unique identity of users and links them to a single identifier that cannot be altered, shared or stolen. The data dispersed using Algo5 is fully restored only through a request based upon a confirmed SuperToken, preventing access by unauthorized persons who reside inside or outside the organization.

“Breaches are increasingly caused by external forces gaining access through internal personnel,” said Larry Aubol, CEO of TASCET. “By managing internal access, companies limit external threats.”

“Algo5 provides all of the crucial components necessary to secure data in today’s high risk environment,” said Aubol. “This includes the identification of users, which ensures that access is allowed only by users who are known. This step is nonexistent in approaches that rely on authentication.”

“Algo5 is a great example of two companies joining forces to provide an end-to-end solution that is business-critical,” said Klum.

About Secured2

Secured2 Corporation (www.secured2.com), a Microsoft Partner, is a data security technology pioneer. Beyond Encryption, the company’s core product introduces a shrink-shred-secure-restore methodology, combined with new compression technology that reduces the size of data up to 80 percent. Secured2 drives innovation for organizations that require 100 percent security for critical data assets.

About TASCET

TASCET (www.tascet.com) is an identification company, serving industries including financial, healthcare, cyber, retail and travel. Its Identity Infrastructure enables a proprietary process for identification and anonymity. TASCET’s Super ID and SuperToken ensure one person, one identity, enabling organizations to prevent fraud, streamline processes and protect consumers.

 

Contacts:

Secured2 Corporation

Daren Klum, 612-756-7099

daren.klum@secured2.com

 

TASCET

Brenda Sorenson, 608-442-8888

bsorenson@tascet.com

Study Shows Health Workers Frequently Share EHR Passwords

healthcaredive.com

“Researchers found widespread sharing of EHR passwords, putting patients’ personal health information at risk, according to Healthcare Informatics Research.”

It is clear that even employees do not view and/or adhere to pins and passwords being an effective way to secure access to data. Employers need to take this seriously, as they will be the ones held accountable when that data is leaked, lost or stolen, whether it be by their employees or an outside threat.

 

Summit Credit Union Sues Equifax

pymnts.com

“Financial institutions will also need to take other necessary steps to protect themselves and their members or customers, including notifying members or customers, as appropriate, that their accounts may have been compromised.”

It’s not enough to just communicate to your customers that they may or may not have been hacked and that their personal information could be at risk. Data breaches will occur, so what can these banks do to ensure security and protection for their customers moving forward?

They can be proactive, by making their customers information anonymous and thus useless to any potential hacker. This is what Super ID does.