The disc was encrypted but there was a reported piece of paper nearby missing too that contained the password.  If the password is there to use then the imageencryption may not mean much.  This reminds me of the story last year from the UK where a flash drive, which was also encrypted was stolen and the password was taped on the drive:)  If you take time to encrypt be careful where you leave a password laying around.  Nobody expects to be burglarized in their home though. 

The hospital was working to get their Epic medical record system installed and perhaps all was not done and ready yet to have access for all information from a VPN yet.  Back in January I interviewed one of their MDs who told me they were anxious to get the entire sign on done so all records would be accessed from one area.  BD 

If You Take the Time to Encrypt Medical Information – Don’t Tape the Passwords on the Container or Flash Drive – NHS Security Breach

The UCLA Health System is warning thousands of patients that their personal information was stolen and they are at risk of possible identity theft, officials said in a statement released Friday.

Officials don’t believe the information has been accessed or misused but are referring patients to a data security company if their name and credit are affected.

Altogether, 16,288 patients’ information was taken from the home of a physician whose house was burglarized on Sept. 6, according to the UCLA Health System.

The physician works for UCLA Faculty Practice Group, whose doctors see patients at the outpatient clinics and the four inpatient hospitals: Ronald Reagan UCLA Medical Center, Santa Monica UCLA Medical Center and Orthopedic Hospital, Mattel Children’s Hospital and Resnick Neuropsychiatric Hospital.

The data were on the physician’s external hard drive, officials said. Though the hard drive was encrypted, a piece of paper with the password was nearby and is also missing. The physician notified UCLA the next day and officials began identifying patients affected.


Post a Comment