BreachExchange mailing list archives
Georgetown University - E-Health Gaffe Exposes Hospital
From: lyger <lyger () attrition org>
Date: Tue, 25 Jul 2006 11:50:08 -0400 (EDT)
http://www.wired.com/news/technology/0,71453-0.html By Kevin Poulsen 02:00 AM Jul, 25, 2006 Georgetown University Hospital suspended a trial program with an electronic prescription-writing firm last week after a computer consultant stumbled upon an online cache of data belonging to thousands of patients, Wired News has learned. The leaked information included patients' names, addresses, Social Security numbers and dates of birth, but not medical data or the drugs the patients were prescribed, says Marianne Worley, a spokeswoman for the Washington, D.C.-based hospital known for providing emergency care to the nation's most powerful political figures. The hospital had securely transmitted the patient data to e-prescription provider InstantDx. But an Indiana-based consultant accidentally discovered the data on InstantDx's computers while working to install medical software for a client. "The initial investigation has found that no patient demographic data was inappropriately used," says Worley, who says between 5,600 and 23,000 patients were affected. She added that the hospital learned of the breach when Wired News contacted it last week. [...] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/errata/dataloss/
Current thread:
- Georgetown University - E-Health Gaffe Exposes Hospital lyger (Jul 25)