Georgetown Breach Added to the List

Federal tally of major incidents now totals 87
Georgetown Breach Added to the List
Among the major healthcare breach incidents recently added to a federal tally is one stemming from the theft of an unencrypted external hard drive at Georgetown University in Washington, D.C.

The federal list of breaches affecting more than 500 individuals, complied by the HHS Office for Civil Rights, now includes about 87 cases dating back to September, when the HITECH breach notification rule kicked in.

The hard drive, stolen in late March, contained information on more than 2,400 patients at Georgetown University Hospital. It was used as a back-up device for hospital information used to identify patients who are eligible to participate in research studies.

The device contained reports from the hospital's surgery department, including patient name, date of birth, gender, date of surgery, type of surgery or test and medical record number. The files did not include addresses, financial information or Social Security numbers.

The hospital is in the process of notifying all patients as required under HITECH. According to a hospital statement: "We are assessing our current procedures and adding processes and controls to ensure that we continue to use and disclose patient information only as permitted by law and in accordance with our Notice of Privacy Practices."


About the Author

Howard Anderson

Howard Anderson

News Editor, ISMG

Anderson is news editor of Information Security Media Group and was founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.