« PHR-Related Events in April--Updated | Main | PHRs and Patient Control in the New England Journal of Medicine »

April 16, 2008

A Banner Month for Health Privacy Breaches

Posted April 16, 2008 by Lygeia Ricciardi

It’s been a particularly busy month in the world of health privacy breaches. Health records have been breached both individually and in massive data sets. They include highly personal information on the young and the old, the rich and famous and the poor.

Although Project HealthDesign and its next generation PHR tools are vastly different from the data repository type records that were recently breached, the Project is very aware of the vulnerabilities that exist within currents systems and the need to address those vulnerabilities in any context—its work in association with the University of Miami Bioethics Program continues in that direction.

On Monday the Wall Street Journal reported that nearly 50,000 patient records had been improperly accessed using the computer login of an employee of New York-Presbyterian Hospital. The employee, who worked in patient admissions, sold data on about 2,000 people for roughly $1,350 total.

On April 8, 2008, meanwhile, The Atlanta Journal-Constitution reported that the insurance records of 71,000 disadvantaged Georgia families had been made public. The families were participating in insurance programs for the poor.

On April 3, 2008 the Los Angeles Times reported that staff at the UCLA Medical Center had gone through the cancer treatment records of 70’s TV star Farrah Fawcett (of Charlie’s Angels fame). The Enquirer posted news about the return of her cancer on its web site soon after Fawcett herself had learned of it, and before she had told her son and close friends. The story followed news that pop star Britney Spears’ privacy was breached at the same center following her hospitalization in a psychiatric ward earlier this year.

In late March we learned that a laptop containing personal medical information on about 2,500 patients enrolled in a National Institute of Health (NIH) cardiac study had been stolen from a laptop in the trunk of an employee’s car.

Let’s let this month’s impressive lineup of health privacy breaches serve as a reminder that the topic is, unfortunately, still very much a growing concern as health information becomes more liquid. For some ideas about how to address privacy from a policy and technical perspective, see previous blog entries on privacy (and the Project HealthDesign e-Primer on Privacy and PHRs).

Posted at 04:48 PM in Privacy |

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00df35210d19883400e551ef71d08834

Listed below are links to weblogs that reference A Banner Month for Health Privacy Breaches:

Comments

Verify your Comment

Previewing your Comment

Posted by:  | 

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.