TRENDING:

Breach Involves Missing Flash Drive

Nearly 25,000 Louisville hospital patients notified Howard Anderson (ismg_editor) • May 4, 2010    
Breach Involves Missing Flash Drive
A psychiatric hospital in Louisville is notifying 24,600 patients about a breach involving the loss of an unencrypted flash drive.

Our Lady of Peace Hospital reports that the flash drive, which was discovered to be missing April 1, included information on admitted patients dating back to 2002, including names, room numbers, insurance and admission and discharge dates. In addition the flash drive included information on patients assessed since 2009 but not admitted. This included patient name, date of assessment, date of birth and time the patient left the facility.

For both types of patients, the information did not include any information on diagnosis or treatment, Social Security number or contact information.

In the letter to patients, required under the HITECH Act's breach notification rule the hospital advised individuals to place fraud alerts on their credit reports and then monitor their credit ratings.

In a media statement, the hospital said it is:

  • Re-educating staff about the appropriate way to handle patient information and protect electronic information;
  • Adopting encryption for software and computers; and
  • Taking appropriate disciplinary action against staff members involved.
Previous
Feds Fund Secure Data Exchange Demos
Next
Fed CISOs Seek Fresh Grads

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.



Around the Network

Ransomware: Did Law Enforcement Lose Ground Early On?
Ransomware: Did Law Enforcement Lose Ground Early On?
Addressing the Shortage of Medical Device Cyber Talent
Addressing the Shortage of Medical Device Cyber Talent
Ransomware Group Zeppelin's Costly Encryption Mistake
Ransomware Group Zeppelin's Costly Encryption Mistake
US Army Banks on Cyber Defense Based on Zero Trust - Part 2
US Army Banks on Cyber Defense Based on Zero Trust - Part 2
Cybersecurity Analysis of the FTX Crypto Heist: Part Two
Cybersecurity Analysis of the FTX Crypto Heist: Part Two
Why Ransomware Victims Avoid Calling It 'Ransomware'
Why Ransomware Victims Avoid Calling It 'Ransomware'
Beating Clever Phishing Through Strong Authentication
Beating Clever Phishing Through Strong Authentication
Cyberwarfare's Role in the Next National Defense Strategy
Cyberwarfare's Role in the Next National Defense Strategy
Digital Army 2030: Modernizing Technology at Scale - Part 1
Digital Army 2030: Modernizing Technology at Scale - Part 1
Cybersecurity Analysis of the FTX Crypto Heist: Part One
Cybersecurity Analysis of the FTX Crypto Heist: Part One

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.