Even when a stolen laptop ends up in the bottom of a lake, if you didn’t encrypt the device you’re sunk.
Two intruders broke into the facilities of South Carolina-based Self Regional Healthcare and stole an unencrypted laptop containing 39,000 patient records, reports attorney Linn Foster Freed-man in a recent blog post for law firm Nixon Pea-body. Law enforcement later arrested the intruders, who admitted to the break-in and theft but claimed they never accessed the information on the laptop and dumped the computer in a nearby lake, Freed-man says. Divers were unable to locate the device. Because the laptop was unencrypted and not recovered, the hospital elected to notify the potentially affected patients.
Lesson: “The incident reiterates that re-movable media like laptops should be encrypted at all times — when they are within a locked premises, as well as when they are removed from the facility — as the risk of theft is always present,” Freedman warns.