MidState Medical Center in Hartford Security Breach-Employee Downloaded Patient Files and Took Them Home
Posted Apr 06 2011 3:45pm
Hopefully one day stories like this will cease to exist. A couple months ago a hacker faked out employees and they gave him everything he wanted. So why is it that this employee could download all this information and if work needed to be done at home, have we ever heard of a VPN? With today’s speed on the internet, there’s almost really no reason to be carrying around patient data in this manner any more or for employees to have access without out prior permission from someone in IT. I’ve seen it done all the time in the past too with people taking information on portable drives with no password or encryption and today the consequences are just too high to be doing this.
Sometimes though too the CIOs have a hard time getting funds for additional Health IT services, kind of what like happened a few years ago to retailer TJMaxx who didn’t think security was that important, but they do now.
MERIDEN - The personal information of about 93,500 patients of MidState Medical Center may be compromised after a Hartford Hospital employee downloaded the information to an external hard drive and took it home.
MidState has not been able to recover the hard drive, which contains patients' names, addresses, marital status, Social Security numbers, medical record numbers and dates of birth. The information was downloaded to the hard drive on Feb. 15 at Hartford Hospital by a worker no longer employed by the hospital. Hospital officials would not name the former employee.
"The financial fraud aspect is huge but the medical fraud is the one that is most insidious to me," said Vincent J. Messina Jr., a Meriden salesman who deals in identity theft protection. "Imagine getting in a car accident and needing a blood transfusion but they can't do it because you have an incorrect medical condition listed on your medical records - or being denied treatment because of some bad information. Your records can get updated incorrectly without you even knowing."