follow-up: Worker who lost data no longer on job

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.chron.com/disp/story.mpl/metropolitan/5937805.html

By LIZ AUSTIN PETERSON
Copyright 2008
Houston Chronicle
Aug. 11, 2008

The Harris County Hospital District administrator who downloaded medical 
and financial records for 1,200 patients onto a flash drive that later was 
lost or stolen no longer works there, a district spokesman said Monday.

Spokesman Bryan McLeod confirmed the low-level administrator's departure 
but would not say whether she resigned or was fired or when she left, 
calling it a confidential personnel matter.

Attempts to reach the former employee for comment Monday were 
unsuccessful.

The flash drive contained records listing patients' names, medical record 
numbers, billing codes, the facilities where they were treated and other 
billing information, the district said. It also included the patients' 
Medicaid or Medicare numbers, which can indicate their Social Security 
numbers or those of their spouses.

Many of the patients listed on the flash drive have HIV or AIDS, according 
to Harris County Judge Ed Emmett.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml