South Shore Hospital completes probe into data loss

[Jake Kouns <jkouns () opensecurityfoundation org>]

http://bostonherald.com/business/healthcare/view.bg?articleid=1280045&position=1

South Shore Hospital said there is “little to no risk” that
information from computer files that went missing earlier this year
has been used or abused.

The hospital’s report released today wraps up an investigation into
the disappearance of back-up data related to as many as 800,000
people.

The report identified the companies involved in the mishap. South
Shore said it hired Iron Mountain Data Products, now called Archive
Data solutions, in February to destroy the digital records.

But the job was subcontracted - “without South Shore Hospital’s prior
knowledge” - to Graham Magnetics, which arranged to ship three boxes
of computer tapes to a Texas facility for destruction.

The hospital said it found out in June that Graham Magnetics had only
received one of the three boxes.

South Shore publicly disclosed the data loss on July 19 and has
notified the Massachusetts Attorney General’s Office and U.S.
Department of Health and Human Services. A public notice will be
published in newspapers the next two days.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php