A data breach this summer involving Cedars-Sinai Medical Center patient records was much worse than previously disclosed.
The
Los Angeles hospital has notified state and federal officials that
medical records of more than 33,000 patients were on a laptop stolen
from an employee's home during a June burglary.
It was among the
latest in a string of hospital data breaches across the nation that have
prompted calls for better security for medical records.
"Medical
information is among the most sensitive there is. There is simply no
excuse to allow the data to be stored unencrypted on an employee's
laptop," said Marc Rotenberg, president of the Electronic Privacy
Information Center in Washington, D.C.
Cedars-Sinai had said in
August that the laptop contained the records of at least 500 patients.
After consulting a data forensics firm, the hospital increased the
number of patients affected to 33,136.
The laptop was
password-protected, but did not have additional encryption software that
would have further protected the sensitive data. The software was
mistakenly not reinstalled after a change to the computer's operating
system, the hospital said.
Cedars-Sinai sent letters to patients whose records were contained in the laptop, informing them of the breach.
No comments:
Post a Comment