Sutter Medical Foundation patients’ privacy breached

This one is going to hurt, given the size of the data breach.  A password protected laptop with unencrypted data?  There will be lawsuits since allowing this much data to be placed on laptop in an unencrypted form borders on negligence.  Who knows what happened to the data.  Hopefully the thief was looking for hardware and could care less about the data, but being hopeful isn’t a policy solution nor a means of protecting those whose identities might be exposed.

Sutter Medical Foundation computer stolen in mid-October held information on more than 4 million patients, some dating back to 1995, Sutter Health officials said Wednesday.

The information, primarily demographic, but also containing descriptions of medical diagnoses and procedures, was stored on a password-equipped but unencrypted desktop computer in the administrative offices of Sutter Medical Foundation in Natomas, said Sutter Health spokeswomanNancy Turner.

The breach is immense in its scope.

For 3.3 million patients whose providers are supported by Sutter Physician Services, names, addresses, email addresses, dates of birth, telephone numbers and names of patients’ health insurance plans dating from 1995 were contained in the computer’s database.

About these ads
This entry was posted in Data Breach, Information Security, IT Security, Med IT News and tagged , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s