Blog

Tag: Data theft

“Clerical Error” in Georgia Results in Data Breach of 6 Million Voters

Clerical Error in Georgia Results in Data Breach of 6 Million Voters

A class action lawsuit was filed by two Georgia women alleging a massive data breach when Secretary of State Brian Kemp’s office released personally identifiable information (PII) of voters, including Social Security numbers, to the media, political parties and other paying subscribers.

Allegations include that the unauthorized information released in October in the voter lists also contained dates of birth and drivers’ license numbers.   Kemp’s office responded this was due to a clerical error where information was put in the wrong file and sent to 12 recipients on a disk.  It is unclear if it was an internal error or the fault of an outside contractor that caused the private information to be included in the file.


Challenge

Once private and confidential information leaves the protected confines of an information repository, file share or cloud-based service, authorized users can share it with anyone, do anything with it and compromise confidential information. Persistent data-centric security protects confidential data so that private information is protected regardless of where it goes or who has it.


Fasoo Solution

Advantages

Fasoo Enterprise DRM (EDRM) protects sensitive information through strong encryption and applies persistent security policies to protect it regardless of where it is or its format.  Once the data is protected, you can safely share it through email, USB drive, CD, external portal or any file sharing site.File access is tracked in real time for precise auditing and access can be revoked instantly.  If there is an assumption that unauthorized people have access to sensitive information, the person who shared the information or an administrator can immediately revoke access to those unauthorized users.

That protects against an “oops” moment when a “clerical error” causes a data breach and affects millions of people.  Fasoo EDRM truly protects and controls sensitive information while at rest, in motion and in use.

  • Securely share sensitive files internally or externally
  • Revoke access to shared files containing private information immediately regardless of location
  • Control who can View, Edit, Print and take a Screen Capture
  • Limit access time and number of devices
  • Trace and control user and file activities in real-time
  • Apply or modify existing security policies using content aware protection

Massive PHI Breach at Children’s Medical Clinics of East Texas

Children's Medical Clinics HIPAA violationAn employee of the Children’s Medical Clinics with a retaliatory agenda to cause damage to the clinic’s reputation, stole and improperly disclosed the confidential data of 16,000 patients. Notification letters were sent to affected people to inform them that an employee took paper records from the facility and sent screenshots of electronic patient records to a former clinic employee. The Office for Civil Rights (OCR) health data breach portal indicates patient names, dates of birth, diagnostic information and treatment information were disclosed.


Challenge

Your employees access sensitive and confidential patient information daily so they can do their jobs. Without persistent data-centric security, they can devise creative ways to defeat traditional perimeter based security measures. They can change the name of a sensitive file before printing it to avoid detection by security systems or make screen captures of sensitive information. If you are in healthcare, you need to protect printed PHI and other sensitive information from easily leaving your premises.  This is a HIPAA violation and can result in massive fines and legal action.


Fasoo Solution

Advantages

Fasoo can block printing or require approval prior to printing a document if the document contains sensitive information. Each printout can be forced to contain a visible watermark showing who printed it, including company logo, user name, IP address, time, date and other identifying information. This allows you to know the source of a potential data breach and deters people from inappropriate behavior when handling sensitive patient information. This solution works with any physical or virtual printer eliminating problems of using different printers or printer drivers. A full audit trail of all print activities, including the text or image of the actual printed content, ensures complete control of your printing environment. In addition, Fasoo can prevent screen captures. These features reduce risk of exposing patient information.
  • Restrict printing documents with PHI or other sensitive information
  • Require authentication prior to retrieving a printout
  • Apply dynamic watermarks to printouts without user intervention
  • Trace and manage printing activities, including the actual content of documents in text or image format
  • Limit printing to virtual printers
  • Control who can View, Edit, Print and take a Screen Capture
Categories
fasoo_logo
Contact Us
Your data security journey starts from here!
See how Fasoo can help your data privacy and security.