MD Anderson Breach: What to Learn - Absolute Blog | The Leader in Endpoint Visibility and Control | Absolute

Products
Back
Products

Absolute Resilience

Extend self-healing capabilities to devices and apps and ensure that critical controls are always present and working as intended.

Absolute Control

Take action on devices to protect data, or maintain and prove compliance.

Absolute Visibility

Manage, track and, recover devices, with an unbreakable connection to every endpoint.
Platform

Compare Products

Requirements

Device Compatibility

Persistence® Technology

Application Persistence

Mobile App
Platform Updates

Security Information

Absolute Services

Technical Support

Absolute for Home
Compare All Product Features
Solutions
Back
By Team

IT Solutions

Simplify your IT asset management by tracking and securing all your devices and data with one zero-touch, automated platform.

Security Solutions

Maximize the value of your security spend with an unbreakable, undeletable connection to all your devices and data.
Use Cases

Device Lifecycle Management

Automate Hardware Audits

Automate Software Audits

Improve Helpdesk Efficiency

Find and Fix Vulnerabilities

Google Admin Console Integration
Enforce Security Standards

Detect Endpoint Risks

Respond to Endpoint Risks

Prove Compliance

GDPR Compliance
Register for a Free Demo
Industries

Back

By Vertical

Healthcare

K-12 Education

Higher Education

Government

Professional Services

Financial Services

Featured Resources

Research Study

Forrester study reveals new endpoint security challenges

Executive Report

The Third Question: What CISOs Aren’t Asking and What’s at Stake

Register for a Free Demo
Partners
Back
The Absolute Ecosystem

Device Manufacturers

Firmware-embedded by these leading systems manufacturers

Resellers

Available from resellers and distributors worldwide

Independent Software Vendors

Extend Absolute’s self-healing capabilities to your applications

Managed Service Providers

Manage customer device and remediate risks from a single cloud-based console
Quick Links

Device Compatibility

Our Partners

Become a Partner

Partner Portal

Video: Absolute for Resellers and MSPs
Become a Partner
Resources
Back
Featured Research

Take A Proactive Approach To Endpoint Security

Forrester study reveals new endpoint security challenges.

What CISOs Aren’t Asking and What’s at Stake

Global CISOs share the biggest challenge facing cybersecurity teams today.
Learn

Resource Center

Distance Learning Solutions Hub

COVID-19 Data Hub

Absolute Undeletable Podcast

Customer Stories

Blog
Connect

Events & Webinars

Support

Our Partners
View All Resources
Company
Back
Absolute Software

About Us

Learn why Absolute Software is the leader in Endpoint Resilience®

Investor Relations

Review financial performance, stock info, and investor resources.
Company Detail

Leadership Team

Board of Directors

Industry Advisors

Legal

ESG Policy
Press Releases

In the News

Logos

Careers

Contact Us
Register for a Free Demo
Request a Demo

COVID-19 Dashboard

By: Absolute Team | 7/4/2012

The University of Texas MD Anderson Cancer Center recently issued a notice that they have suffered a data breach putting as many as 30,000 patients at risk. Experts predicted that healthcare data breaches would reach "epidemic proportions" in 2012 and we are certainly seeing a continuation of large breaches in this industry. This particular breach offers many opportunities for improvement, which we will go over.

According to the note, an unencrypted laptop was stolen from a MD Anderson employee's home; police and MD Anderson were notified of the theft on May 1st. After outside forensics experts were called in, MD Anderson was able to confirm that the laptop contained patients' personal information including names, medical record numbers, treatment / research information and some Social Security numbers.

There is a lot we can learn from this breach about things MD Anderson could have done better, including:

Encrypt all laptops
Have inventory of data and where it is (this information should be instantaneous, not the result of forensic experts)
Set standards for the types of data employees can access and what they can do with it
Effectively communicate company privacy policies
Have software such as Computrace to allow you to respond if a device is missing or stolen - such response could include locking the device, delete data and notifying us so we can attempt to recovery the device

If you work in healthcare, read more about how Absolute Software can help you best meet your endpoint security and management needs.

Absolute Team

All Posts By This Author