Privacy alert: What to do about lost, stolen data

posted February 24th, 2009

Laptop computers, thumbdrives, personal digital assistants, and other mobile devices make accessing electronic information easier and often more efficient.

These portable devices may also be easily lost or stolen. If patient information or other sensitive information (Social Security Numbers, personal financial information, etc.) is stored on these portable devices, patient’s identity and Duke could be at risk.

To prevent the loss of data:

  • Do not store sensitive information on laptops or mobile devices. Use remote access services like the Duke Medicine VPN service, virtual PIN and other Citrix services to access the needed information. Information saved on these servers is secure and backed up nightly.
  • If you must store information on mobile devices, encryption of the information is required. Contact your technical support person for assistance.

If your laptop or mobile device is lost or stolen:

  • Contact your information security officer or the DHTS Service Desk at 684-2243. Security support personnel are listed at https://www.iso.duke.edu/iso/isop/isl.php. Contact Duke Police at 684-2444 and Risk Management at 684-3277.
  • Provide the last known location of the device.
  • Identify all patient health information or sensitive information stored on the device.
Commenting is not available in this weblog entry.