Greg Welter reports: Paperwork containing patient information is missing from a shredding bin at an Enloe Medical Center facility, apparently taken before it could be destroyed. Laura Hennum, public relations director for the medical center, said the missing paperwork documented ambulance runs made by Enloe approximately between Oct. 8 and 12. The theft was discovered…
Category: Health Data
Local NHS Trust pledges to improve data security
Antony Sumara, the Chief Executive of Mid Staffordshire NHS Foundation Trust, has agreed to take action to comply with the Data Protection Act following a significant security breach. The breach occurred after a member of the Trust’s human resources team transferred personal information to a home computer. The information, known as a ‘Statement of Case’,…
New Study Reveals Push to Electronic Medical Records Puts Patient Privacy at Risk
From the press release: LogLogic, the leader in log and security management solutions, and the Ponemon Institute, a privacy and information management research firm, today announced results of a national survey of healthcare IT security professionals that shows patients may be surrendering their privacy as the $2.5 trillion medical industry – prompted by federal stimulus…
UK: Private medical records for sale
Jo Macfarlane reports: The confidential medical records of patients treated at one of Britain’s top private hospitals have been illegally sold to undercover investigators. Hundreds of files containing intimate details of patients’ conditions, home addresses and dates of birth are being offered for as little as £4 each. The files were sold by two men…
Lawsuit: 29,000 say Kaiser hid security breach
Maria Dinzeo reports on a class action lawsuit stemming from a 2007 breach that was first reported earlier this year: Twenty-nine thousand Kaiser employees say the company did not inform them for more than a year about a security breach that left their personal information vulnerable to thieves. One employee says a woman stole her…
Knowing or reckless misuse of personal data – introducing custodial sentences
From the UK Ministry of Justice: Reference Number : CP22/09 Status: Open Open date: 15 October 2009 Close date: 07 January 2010 A consultation on exercising the power to provide for custodial sanctions for those found guilty of knowingly or recklessly obtaining, disclosing, selling or procuring the disclosure of personal data without the consent of…