Rankiteo Blog

Risk Strategies Company

Roshni Ray -

RSC Insurance Brokerage in Massachusetts reported a data breach provided written notification to its clients that it had completed its investigation and analysis of the incident.

There was no explanation in the notification to patients as to why the investigation and analysis took 5 months.

RSC notified HHS of the breach that it impacted 2,088 patients.

It was found that an employee’s laptop was stolen. In its disclosure letter, the laptop was described as “password-protected,” but there was no mention of any encryption or ability to remotely wipe the drive upon discovery of the theft.

Source: https://www.databreaches.net/another-business-associate-breach-another-gap-to-notification-of-patients

"id": "RIS34612323",
"linkid": "risk-strategies-company",
"type": "Data Leak",
"date": "08/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"