[ Tuesday, April 24, 2007 ]


Another Security Slip-Up: It's not a HIPAA breach, but the story is strangely correlative to the likely effects of an accidental disclosure of PHI. Astroglide, the maker of "personal lubricants," allowed visitors to its website to obtain free samples by giving their names and addresses. Well, it seems the company inadvertently put that information out on the internet. They took it down, but not before Google cached it. The list contains about a quarter million names and addresses (this being the internet, many of the names aren't real, but I'd suspect the addresses are).

There are no social security or bank account numbers involved, so there's not the real risk of identity theft. Rather, as with most HIPAA breaches that involve true medical information (as opposed to social security or account information), it's just a matter of how embarrasing the information might be, due to what might be actually or inferentially disclosed.

Go ahead, make your own joke about this lack of tight security.

Jeff [10:54 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template