ADVERTISEMENT

Umbilical-cord bank told to tighten data security.

  • Blog Post by: Jane Friedmann
  • May 6, 2013 - 3:00 PM

Cbr Systems, Inc., a California company that collects and stores umbilical cord blood and tissue for possible medical research, must implement better data security measures and submit to  security audits after a breach exposed 298,000 customers' personal information in 2010, the Federal Trade Commission announced Friday.

Names, addresses, Social Security numbers, medical histories, credit or debit information, drivers license and other data, primarily of pregnant donors, was copied onto unencrypted backup tapes, according to a complaint by the FTC.

While in transit from one facility to another, the tapes were stolen from a backpack left in an employee's car, the complaint said.

The settlement also requires Cbr to revise its privacy policy to accurately represent the level of security afforded personal data it collects.

Read more about the settlement and complaint on the FTC's website.

© 2014 Star Tribune