Wednesday, October 1, 2014

NEWS: Cedars-Sinai Medical Center - BREACH Update

A data breach this summer involving Cedars-Sinai Medical Center patient records was much worse than previously disclosed.

The Los Angeles hospital has notified state and federal officials that medical records of more than 33,000 patients were on a laptop stolen from an employee's home during a June burglary.

It was among the latest in a string of hospital data breaches across the nation that have prompted calls for better security for medical records.

"Medical information is among the most sensitive there is. There is simply no excuse to allow the data to be stored unencrypted on an employee's laptop," said Marc Rotenberg, president of the Electronic Privacy Information Center in Washington, D.C.

Cedars-Sinai had said in August that the laptop contained the records of at least 500 patients. After consulting a data forensics firm, the hospital increased the number of patients affected to 33,136.

The laptop was password-protected, but did not have additional encryption software that would have further protected the sensitive data. The software was mistakenly not reinstalled after a change to the computer's operating system, the hospital said.

Cedars-Sinai sent letters to patients whose records were contained in the laptop, informing them of the breach.

No comments:

Post a Comment