Associated Press reports that a patient in Alaska conducting a Google search discovered that patient records were exposed on the web and notified the police.
Dr. Paul Beane, a chiropractor at the Sitka Wellness Center, told the [Daily Sitka] Sentinel an “electronic medical record software vendor” he used for about 9 months in 2008 had stored patient information, including names, dates of birth, social security numbers and addresses, on a Web server in an “unsecured text file” that was easily accessible.
Beane said up to 566 of his patients had their information compromised, although Sitka police said there have not yet been any reports about suspicious activity that might be tied to the security breach.
[…]
Beane put the blame for the leak squarely on EMR4Doctors.com, a company Beane used when he switched to electronic records in April, 2008.
[…]
The company, which Beane said is registered in Nevada, apparently stopped doing business in 2009. A number for the company was disconnected, and there was no current listing for it in Las Vegas.
Read more on NECN.