HIPAA Blog

[ Wednesday, October 26, 2005 ]

Another Hospital loses data: This time it's a Hawaiian hospital that lost a "thumb drive" mini-hard drive that contained non-medical patient data. Even though it's not medical information, it's probably PHI because it identifies the individuals and (presumably) the hospital, and just the fact that a person may have been in the hospital is probably enough to meet the definition of PHI. Worse, this is the type of data that has value, since it had names, addresses, and social security numbers.

Hat tip: HIPAAdvisory's HIPAA News.

Jeff [2:36 PM]

Comments: Post a Comment

http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template