HIPAA Blog

[ Thursday, March 03, 2011 ]

 

Delaware Hospital Data Theft: This time it's Beebe Medical Center in Lewes, Delaware. An employee took a financial report home to work on it. The report was on paper and in the employee's briefcase, and contained patient names, Medicare numbers and social security numbers for a little over 100 people. The briefcase was in the car when they took a family trip to Florida, where the briefcase was stolen out of the car. So far, there's been not known effect such as ID theft (several of the individuals are dead already), but the hospital is offering credit monitoring for the rest. Personally, I suspect the data has already been destroyed, since it's not what the thieves were looking for. No punishment for the employee, since the data was stolen and not voluntarily disclosed, and taking the data home did not violate hospital policies. Of course, you see the problem here: the hospital should have had policies about protecting data that includes policies about how and when employees can take data out of the hospital. They are developing one now, I'm sure.

Hat tip: Healthleaders.

Jeff [8:43 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template