If you are still carrying around records on a non encrypted USB drive, you might want to think twice about it if you are in California.  As you can read the cases are varied and some reported by patients, I would guess the patients reporting finding out that someone potentially had some of their confidential information.  Again, I am still surprises to see hospitals still allow physicians to connect one to their system, especially after the big virus imageissue suffered by the DOD as an example. 

Store data on a secured server to be safe and make sure it is encrypted and lock down computers from using Peer to Peer music networks too as a lot of data gets exposed that way with users who end up sharing everything on their PC.  One of the biggest errors I have seen is the one below, the devices were encrypted, but passwords were taped on the devices.

If You Take the Time to Encrypt Medical Information – Don’t Tape the Passwords on the Container or Flash Drive – NHS Security Breach

California officials have received more than 800 reports of health data breaches in five months after a new state law went into effect January 1.

The law requires health care organizations in California to report suspected incidents of intentional and unintentional unauthorized breaches of a patient’s personally identifiable health information to the California Department of Public Health.

The agency, however, says it was surprised by the large number of reports it received in such a short period, according to the Journal of the American Health Information Management Association, and expect that number to increase dramatically.

Of the cases reported, which also include complaints from patients, officials have conducted full investigations on 122 cases so far and confirmed 116 as actual breaches. The types of breaches run the gamut from unintentionally faxing a patient’s chart or test reports to the wrong phone number to intentional snooping by workers. Most of the breaches reported so far have been unintentional.

California led the way in data breach laws when it passed the first notification law, which went into effect in July 2003. It requires entities doing business in California to notify consumers when their personally identifiable information is breached, such as a name and Social Security or credit card number. The law helped expose the extent of the data-breach problem and prompted other states to follow suit with their own laws. California’s new medical data breach law is the first in the nation and is being closely watched by other states. Healthcare providers, however, have criticized it for being too rigid.

New Law Floods California With Medical Data Breach Reports | Privacy Digest

Related Reading:

USB Memory Stick Round 2 – More Medical Record Information on a Lost Drive
Security tightened over data loss – Flash Drives Can be One of HealthCare’s Biggest Nightmares
Healthcare Workers Sharing Music and they could also be sharing Medical Records and Files

0 comments :

Post a Comment

 
Top
Google Analytics Alternative