HIPAA Handbooks

  • Privacy and security training for new and seasoned staff
  • 11 staff/setting focus areas
  • Education on protecting PHI
  • New HITECH Act changes
  • Discounts on bulk purchases

More»

E-learning

  • Role-based training using real-life case scenarios
  • Test-your-knowledge exercises with remediation
  • Post-course test to document staff participation

More»

Other HIPAA Resources

  • Hot-topic audio conferences
  • Books on privacy and security
  • Newsletters
  • e-Newsletter
  • Videos


More»

Jun
15

Unencrypted laptop health breach affects more than 8.6 million records

Email This Post Print This Post

Think the United States has its problems with securing patient health information?

We’re not alone.

London Health Programmes, a medical research organization based at the NHS North Central London health authority, has reported missing an unencrypted laptop containing information of 8.63 million patients and 18 million hospital visits, operations and procedures, according to today’s issue of The Sun.

The data does not include names, “but patients could be identified from postcodes and details such as gender, age and ethnic origin,” according to the newspaper. Information on the laptop included records of cancer, HIV, mental illness and abortions.

The computer was one of 20 lost, and officials have since recovered eight. The research organization “only just” reported the missing laptops to police although they went missing three weeks ago, according to the newspaper.

The Information Commissioner’s Office, Great Britain’s independent authority that promotes data privacy for individuals, has issued a statement regarding the laptop theft:

“Any allegation that sensitive personal information has been compromised is concerning and we will now make inquiries to establish the full facts of this alleged data breach.”

That British authority has been busy this month in terms of protecting private information, according to press releases on its website:

Health information breaches have taken center stage since President Obama signed into law the HITECH Act in February of 2009. It included a provision that allows government enforcers to publicize reports from healthcare entities suffering a breach that affects 500 or more individuals; their information appears on the website of the Office for Civil Rights (OCR), the HIPAA privacy and security rule enforcer.

The breach reported in Great Britain this week towers over the largest reported patient health information breach in the United States in terms of number of individuals affected — by nearly 7 million.

Health insurance giant Health Net, Inc. earned the top spot after it reported its potential breach affecting the health records of 1.9 million past and current enrollees to OCR in March. On the Health Net report, the “type of breach” is “unknown,” and the “location of breached info” is listed as “other.”

Since OCR began posting such information in February 2010, the list has grown to 288 reports.

Comments

  1. Debra K Brogdon says:

    Quit making excuses and comparing with other countries. Our country is way behind in all areas of the health system. Being a former Registered Nurse/Nurse Administrator who developed Myasthenia Gravis, I have been on both sides of the fence. The lack of nursing skills and health field employees has dropped dramatically! I have to use a wheelchair and avoid going into the halls because nurses and staff are playing on computers (facebook,games, e-mails, etc.) I hear staff talking about other patients (not good comments, either, plus I hear them talking about me).

    Don’t put the blame on Europe because I know for a fact they are way ahead of us. Our own veterinarians take better care of our pets than out physicians. Sad to me because I only see it getting worse. Something needs to be done and let’s put the care back into our health system!!!!

Leave a Reply