The Case of the Missing Laptop - Exabeam

The Case of the Missing Laptop

March 24, 2015


Reading time
2 mins

Missing (or stolen) laptops are a big deal, but, they are an even bigger deal in the heathcare vertical. The HIPAA/HITECH act essentially updated HIPAA in 2009 to take into consideration electronic health records (EHR) data as the industry continues to move from paper to electronic recordkeeping.

The HITECH Act now imposes data breach notification requirements for unauthorized uses and disclosures of “unsecured PHI.” These notification requirements are similar to many state data breach laws related to personally identifiable financial information (e.g. banking and credit card data) but with a twist. Under the HITECH Act “unsecured PHI” essentially means “unencrypted PHI.” If a breach impacts 500 patients or more then HHS must also be notified. Notification will trigger posting the breaching entity’s name on HHS website. Under certain conditions local media will also need to be notified.

At one of our recent deployments, a customer was faced with this exact problem. A manager was let go from the healthcare company but his laptop was not recovered as a part if his dismissal. For seven tense days the search was on with the question looming, will we have to post this as a self inflicted data breach on the HHS website. Normally, as described by the security team, they’d use their not-so-up-to-date asset database, the anti-virus server and a few Splunk searches to try to find the laptop.

Exabeam was able to show the laptop as having moved to another network zone and had been recovered by a different team. This kept the healthcare company from erroneously reporting the laptop as lost and potentially a physical data breach per HIPAA/HITECH.

Want to get a demo — Just press the button below!

The Demo Button


Similar Posts

What’s New in Exabeam Product Development – November 2022

Exabeam News Wrap-up – December 1, 2022

Exabeam Achieves ISO 27017 and ISO 27018 Certifications

Recent Posts

Understanding UEBA: From Scored Events to Stories

What’s New in Exabeam Product Development – November 2022

Exabeam News Wrap-up – December 1, 2022

See a world-class SIEM solution in action

Most reported breaches involved lost or stolen credentials. How can you keep pace?

Exabeam delivers SOC teams industry-leading analytics, patented anomaly detection, and Smart Timelines to help teams pinpoint the actions that lead to exploits.

Whether you need a SIEM replacement, a legacy SIEM modernization with XDR, Exabeam offers advanced, modular, and cloud-delivered TDIR.

Get a demo today!