Jaikumar Vijayan reports:
Nearly eight months after new rules were enacted requiring stronger protection of health care information, organizations are still leaking such data on file-sharing networks, a study by Dartmouth College’s Tuck School of Business has found.
In a research paper to be presented at an IEEE security symposium Tuesday, a Dartmouth College professor Eric Johnson will describe how university researchers discovered thousands of documents containing sensitive patient information on popular peer-to-peer (P2P) networks.
One of the more than 3,000 files discovered by the researchers was a spreadsheet containing insurance details, personally identifying information, physician names and diagnosis codes on more than 28,000 individuals. Another document contained similar data on more than 7,000 individuals. Many of the documents contained sensitive patient communications, treatment data, medical diagnoses and psychiatric evaluations. At least five files contained enough information to be classified as a major breach under current health-care breach notification rules.
Read more on Computerworld.