First of all this hospital is a fore runner to everyone else with medical records and has an ONC approved home brewed medical record system. On top of that the CIO, Dr. Halamka is probably the most influential and most sharing individual in Health IT so when it happens at his facility it can happen anywhere and the patients have been given free credit although no financial or social security information was divulged.
Secondly, this happened yesterday, Monday and we have it today and not months later like some facilities choose to do and it has been resolved in 24 hours or less. He also added that all the information that was breached was going out encrypted so there was no way to see what was actually taken and as he commented, it could have been operating system files as well as anything else on the computer. When you have the man watching your system that lived with the future folks who started HP in California and sold a computer to UCLA he built in high school, you don’t get much better than this as far as skills and being hands on guy too. Actually he’s good candidate to clone. <grin> I say that in jest be he’s also one of the first 20 people to be sequenced too.
Again the prompt action here with reporting and fixing was great and I just read a few minutes ago where Google is now putting notice up on their browser that they have malware floating around and if you are one who may be potentially affected, a notice will appear for you. Everyone has issued staying ahead of the malware and remembering to restore all setting too for that matter as this was done by an outside vendor. BD
MASSDEVICE ON CALL — Beth Israel Deaconess Medical Center is trying to make up for the exposure of more than 2,000 patients' personal information that was hacked from a hospital computer.
The hospital told reporters that a computer repair vendor, who remains unnamed, failed to restore the computer's security settings after servicing the machine. The computer was later found to have contracted a virus that snagged patient files and sent them to an unknown recipient.
The virus accessed patient medical record numbers, names, genders, birthdates and data on radiology procedures that the patients had undergone. No social security information or financial data was stored on the computer, the Boston Globe's boston.com reported.