[ Thursday, November 17, 2011 ]
We may have a new winner
in the "most records lost at one time" category. Sutter Health has announced a HIPAA data loss involving over 4 million people
. That's 4,000,000, or roughly 1 out of every 75 Americans. The loss was the result of a stolen computer (naturally), which was not encrypted (of course). Fortunately, there was no financial information or social security numbers, so it is highly unlikely that there will be any actual harm done because of this (and even if sensitive information had been on the computer, there probably would not have been any actual harm, due to the "crackhead" rule). But Sutter gets a pretty bad black eye.Have we reached the point where encryption is now a practical requirement
? I think maybe so. Computers will be stolen. Flash drives will be lost. It sucks to lose a $2,000 computer, but if it's encrypted, that's the extent of your loss.
Jeff [10:36 AM]
Blogger: HIPAA Blog - Edit your Template