Stolen Employee Laptop exposes Patients e-PHI Due to Unencrypted data
Who: Re-Solutions, a division of RSC Insurance Brokerage
# of Accounts Breached: 2,088
What was affected: A laptop computer of an employee was stolen on August 23, 2018, and has been found to contain patients’ ePHI
When it happened: August 23, 2018
How it happened: On August 23, 2018, an employee’s laptop was stolen. The business associate reported the theft to law enforcement and changed the employee’s credentials so that the thieves would not be able to use the laptop to access the RSC’s systems. However, the laptop was not encrypted, but the only password protected, files on the device could have been accessed.
Outcome: On March 1, RSC notified HHS of the breach as impacting 2,088 patients. They also began sending notifications to those affected