In the age of online connection, data loss dangers still reside within physical storage solutions. An employee for the New York Fire Department lost his personal external hard drive with thousands of medical records on patients that were treated by emergency services.
An employee was given authorized access to the medical records which spanned emergency services for patients from 2011 to 2018. He then transferred these files to his personal drive. The drive was reported as missing in March 2019, which exposed 10,253 patients records. In addition, the drive contained the Social Security numbers of 3,000 patients.
Reactions to the Lost Files
There have been no reports thus far regarding any identity theft circumstances or that any data on the drive has been compromised. As reparation, New York City officials offered free credit monitoring to the 3,000 people whose SSN are at risk. While the city is offering something, free credit monitoring is not considered an effective way to protect sensitive information, as seen in the recent Equifax payback.
All of the more than 10,000 victims were notified through email that they had been impacted by what the Fire Department is calling a “data breach.” While a data breach is technically defined as an unintentional release of private or secure information, the definitions vary. Another more detailed definition in the technology world includes an unauthorized person viewing the sensitive data at hand.
Since there have been no confirmed reports that anyone else has viewed the data on this drive, it may not technically be a data breach. Overall, it could be chalked up to insecure data storage practices in the workplace.
Securing Information in Any Industry
Physical data storage is still a popular medium in the technological world today and is less susceptible to hacking than online systems…if you have the proper protection. Hardware encryption still wins out in the external drive market. The SecureDrive BT is a hardware encrypted storage solution that eliminates data leaks.
The device can only be unlocked using an app on a mobile device. It offers two-factor authentication as well as Touch ID/Face ID (iOS) or facial recognition and fingerprint detection (Android). It has ideal uses for businesses with these extra layers of protection and the option to set one of the drives to read-only mode before sharing it with a coworker. This will prohibit the user from editing anything on the drive and simply allows them to view it.
The most effective feature is the ability for the drive to be remotely wiped from anywhere in the world using just your connected mobile device. The FDNY could have benefited from this feature by simply erasing the lost hard drive to prevent a hacker from accessing medical records and social security numbers.