2nd Breach at Calif. Public Health Dept.

Incident Involves Information Copied to a Drive
2nd Breach at Calif. Public Health Dept.
The California Department of Public Health has reported its second health information breach incident in recent months.

The latest breach involves an employee who improperly copied to a private hard drive and removed from state offices information on about 9,000 current and former state employees. The information on staff of the California Department of Health Care Services and the former Department of Health Services included names, addresses, plus varying combinations of Social Security numbers, ethnicity, birth dates, next of kin and their addresses, and/or information from workers' compensation documents.

Although the department has no evidence that the information has been misused or further disclosed, those affected are being offered free credit monitoring services.

The employee responsible is on administrative leave until an investigation is complete, state officials said. The public health department's security detection system alerted officials to the problem.

The department "has begun implementing additional safeguards to protect employee information as the investigation progresses," according to a statement. "CDPH is also conducting a thorough review of information security policies and will put in place any additional necessary policies or practices to help prevent such an incident from happening again."

Back in December, the department reported that a magnetic tape mailed from one office to another had been lost (see: Breaches at 2 Public Health Departments). The unencrypted tape included personal information on up to 2,550 public health facility residents and staff.

About the Author

Howard Anderson

Howard Anderson

News Editor, ISMG

Howard J. Anderson is news editor of Information Security Media Group and was founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 34 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.

Around the Network