SAIC Loses Data of 4.9 Million Patients 182
An anonymous reader writes "Government contractor SAIC just can't seem to get a break. Still fresh off of the Citytime scandal, they've now had a data breach in which backup tapes holding 4.9 million personal health records were stolen from an employee's car. To add insult to injury, evidently the tapes were not encrypted either: 'Tricare did not indicate whether SAIC encrypted the information on the stolen tapes, but Raley said, "It's very hard to encrypt a backup tape."'"
Re:Espionage? (Score:4, Insightful)
What's the probability that someone breaks into your car and steals computer tapes?
Maybe not as high as an employee selling the tapes and claiming that they were stolen.
Re:My professional opinion (Score:5, Insightful)
Nail. Head. Hit.
"special hardware and software" gets me...
A LTO-5 drive and access to GNU tar or cpio is an alt-tab away for a number of IT people.
Re:A few facts distilled from TFA (Score:4, Insightful)
Well if it's a strictly Government program HIPAA isn't its regulatory framework. They'd still have a requirement to protect Personally Identifiable Information under FISMA act of 2002 and OMB Memorandum 06-16 which came out after the VA lost their records. Among other things M06-16 requires you to encrypt senstivie data on mobile media and data in transit.