Healthcare Business News

Med school reports laptop stolen in Argentina

By Joseph Conn
Posted: January 16, 2013 - 6:00 pm ET

The Washington University School of Medicine, St. Louis, has announced that a password-protected but unencrypted laptop computer was reported stolen from a physician at a healthcare conference in Argentina. The laptop held the records of about 1,100 surgery patients.

The data breach, which occurred on Nov. 28 last year, exposed patients' names, dates of birth, medical record numbers, diagnoses, types and dates of surgery, and, in 39 instances, Social Security numbers, according to a news release.

All of the affected individuals were patients of the university's Department of Surgery, from 2002 to the present, the statement said.

Advertisement | View Media Kit


“To help prevent something like this from occurring in the future, we are expanding our use of encryption on portable devices and re-educating our workforce members regarding the importance of handling patient information securely,” the medical school statement said.

There have been 525 breaches involving the records of more than 500 patients publicly reported on the website of the Office of Civil Rights at HHS and perhaps as many as 80,000 lesser breaches reported to the office since a federal breach notification law went into effect in September 2009.

Of the larger breaches, 42% have involved some sort of unencrypted mobile device.

The security rule under the Health Insurance Portability and Accountability Act does not mandate encryption, but if the healthcare industry keeps going on its current path and not securing mobile devices, it might, said Michael “Mac” McMillan, founder of CynergisTek, an Austin, Texas-based security firm.

U.S. Sen. Al Franken (D-Minn.) held hearings last year on healthcare-records security and has said he plans to reopen them this year, McMillan said.

“If they really want Franken to crawl up their backside, that's certainly giving Congress the ammunition they need to say, 'You know, this isn't working. We need to make encryption mandatory,' ” McMillan said. “I think that's inevitably what's going to happen.”

What do you think?

Share your opinion. Send a letter to the Editor or Post a comment below.

Post a comment

Loading Comments Loading comments...



Switch to the new Modern Healthcare Daily News app

For the best experience of on your iPad, switch to the new Modern Healthcare app — it's optimized for your device but there is no need to download.