Alex Ballingall reports:
Data storage sticks that contain personal and medical information on about 18,000 patients at Toronto Western Hospital’s Donald K. Johnson Eye Centre have gone missing, prompting an apology from the facility’s chief doctor and an investigation by the Ontario privacy watchdog.
In an Oct. 17 letter to patients, ophthalmologist-in-chief Dr. Robert Devenyi said a key ring with three USB sticks disappeared from his office “sometime during the second week of September.”
Devenyi said data on the USBs included patients’ names, addresses, phone numbers, health card numbers and “procedure codes” outlining the nature of their appointments at the eye centre. He wrote that he is “fairly confident” his patients’ information is safe, but suggests those worried about the unauthorized use of their health numbers should apply for a new card.
Read more on Toronto Star.
I have no idea how he can be “fairly confident” the information is safe when he can’t even be sure if it was lost or stolen. And why, oh why, weren’t those memory sticks encrypted? This really seems inexcusable, but what, if any, will be the consequences to the clinic and the healthcare provider?