Wednesday, 28 August 2013

Calling Dr. Moe, Dr. Larry and Dr. Curly: Advocate Medical Breach of Four Million Patient Records, and No Encryption

Calling Dr. Moe, Dr. Larry and Dr. Curly: Advocate Medical Breach of Four Million Patient Records, and No Encryption - Hi, friend befluster.me, in this article entitled Calling Dr. Moe, Dr. Larry and Dr. Curly: Advocate Medical Breach of Four Million Patient Records, and No Encryption, we have prepared this article well and concise to be easy to understand for you to read and can be taken inside information. hopefully the contents of the post Article Advocate Health Care, Article Bitlocker, Article computer security, Article FileVault, Article healthcare IT risk, Article medical record confidentiality, Article medical record privacy, Article Mismanagement, that we write this you can understand and useful. okay, happy reading.

At my Oct. 2011 post "Still More Electronic Medical Data Chaos, Pandemonium, Bedlam, Tumult and Maelstrom: But Don't Worry, Your Data is Secure" (http://hcrenewal.blogspot.com/2011/10/still-more-ehr-chaos-pandemonium-bedlam.html) I thought I'd seen the worst.

Yet another post to add to the category of medical record privacy/confidentiality/security (http://hcrenewal.blogspot.com/search/label/medical%20record%20privacy), however:

Advocate Medical Breach: No Encryption?
Computer Theft Raises Questions About Unencrypted Devices
By Marianne Kolbasuk McGee, August 27, 2013.

The recent theft of four unencrypted desktop computers from a Chicago area physician group practice may result in the second biggest healthcare breach ever reported to federal regulators. But the bigger issue is: Why do breaches involving unencrypted computer devices still occur?

According to the Department of Health and Human Services' "wall of shame" website listing 646 breaches impacting 500 or more individuals since September 2009, more than half of the incidents involved lost or stolen unencrypted devices. Incidents involving data secured by encryption do not have to be reported to HHS.

... The four unencrypted but password-protected computers [passwords on PC's are bypassable by smart teenagers - ed.] stolen during a burglary in July from an office of Advocate Medical Group in Illinois may have exposed information of about 4 million patients, according to an Advocate spokesman.

4 million is about 1.3 percent of the entire U.S. population (about 313.9 million in 2012) ... on just four desktop computers.

Try that with paper ...

As to the subtitle of the article, "Computer Theft Raises Questions About Unencrypted Devices", I've written on that issue before.  I'd noted questions like that are remarkable considering both MacOS and Windows have built-in, readily available encryption, the latter for a few extra $ for the "deluxe version" (see  http://en.wikipedia.org/wiki/FileVault and http://en.wikipedia.org/wiki/Bitlocker).  

Perhaps the best explanation in 2013 for unencrypted desktop PC's containing millions of confidential medical records is this picture, symbolic of the apparent attitudes of corporate and IT management on health IT security:


Encryption?  We don't need no encryption.  We got triple protection already!


-- SS



Thank You and Good article Calling Dr. Moe, Dr. Larry and Dr. Curly: Advocate Medical Breach of Four Million Patient Records, and No Encryption this time, hopefully can benefit for you all. see you in other article postings.

You are now reading the articleCalling Dr. Moe, Dr. Larry and Dr. Curly: Advocate Medical Breach of Four Million Patient Records, and No Encryption with the link address http://www.befluster.me/2013/08/calling-dr-moe-dr-larry-and-dr-curly.html

0 comments

Post a Comment