| Main Archive Page > Month Archives > infosec-news archives |
[ISN] Stanford Hospital Contractor Leaks 20, 000 Patient Records to Public Website
From: InfoSec News <alerts_at_nospam>Date: Fri Sep 09 2011 - 07:59:08 GMT
To: isn@infosecnews.org
By Fahmida Y. Rashid
eWEEK.com
2011-09-08
A data privacy breach at Stanford University's hospital has resulted in
medical records for 20,000 emergency room patients being posted on a
public Website for nearly a year, according to The New York Times.
A patient notified the hospital of the breach Aug. 22, and the hospital
has been investigating how a detailed spreadsheet containing sensitive
patient information wound up being posted on a commercial site, The New
York Times reported Sept. 8. The compromised information belonged to
patients who went to Stanford Hospital's emergency room over a six-month
period in 2009.
The records included names, diagnosis codes, account numbers, dates of
admission and discharge, and billing charges. Social Security numbers,
birth dates, credit card accounts or other information that could
potentially result in identity theft was not exposed. Even so, the
hospital is offering free identity-protection services to all affected
patients.
“It is clearly disturbing when this information gets public,” Diane
Meyer, Stanford Hospital's chief privacy officer, told the Times,
adding, “It is our intent 100 percent of the time to keep this
information confidential and private, and we work hard every day to
ensure that."
[...]
_____________________________________________________________
Register now for the #HITB2011KUL - Asia's premier
deep-knowledge network security event now in it's 9th year!
http://conference.hitb.org/hitbsecconf2011kul/