After major breach, L.A. County looking to require encryption for contractors

Following a computer theft at the county health contractor’s office that compromised the personal health information of more than 342,000 patients, Los Angeles County supervisors are taking steps to tighten security rules, according to an article in the Los Angeles Times.

While the county currently requires its workers’ laptops to be encrypted, the supervisors voted to expand the policy to incorporate all county departments’ computer workstation hard drives. They also voted to develop rules requiring all of the country’s contractors that exchange personal identifiable information and protected health information to encrypt data as a condition of working with the county.

In February, eight computers were stolen from the Torrance office of Sutherland Healthcare Solution. Personal information at risk included first and last names, Social Security numbers, billing information, birth dates, addresses, diagnoses and other medical information.

Since then, at least three lawsuits have been filed against the county and Sutherland over the incident, alleging, among other things, that the company failed to encrypt the data stored on the computers, reports Los Angeles Times.

 

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.