BreachExchange mailing list archives

Re: Stolen laptop returned to Beaumont Hospital

From: World Privacy Forum <info2006 () worldprivacyforum org>
Date: Thu, 24 Aug 2006 12:22:39 -0700

 From the Detroit Free Press article:

"Hospital officials said an independent computer expert determined that 
the laptop’s patient information was not accessed during the time it 
was missing. Yet, they added that the agency will continue to offer 
free credit monitoring to the 28,473 patients whose information was on 
the laptop."

I've seen several media reports saying similar things such as "the data 
wasn't accessed"  after post-breach recovery of computers. What isn't 
being said, of course, is that the entire drive could have been copied 
without specific data being accessed. The "data wasn't accessed" 
statements need some substantial qualifiers, I think.  This is a real 
flaw in some of the reporting on this issue -- my hope is that even the 
most general reporting of this becomes more tuned into the copy issue. 
While not everyone will know how to copy a drive without leaving 
footprints, the professionals will.

Pam Dixon




On Aug 23, 2006, at 6:05 PM, lyger wrote:


(follow-up to previous post)

Courtesy Audit (attrition.org)

http://freep.com/apps/pbcs.dll/article?AID=/20060823/NEWS99/60823026

August 23, 2006
By Kim Norris

A stolen laptop filled with medical and personal information of more 
than
28,000 patients of Beaumont Hospital Home Care was returned Wednesday,
without any of the patients. information accessed, Beaumont Hospital
officials said.

Several unnamed employees have since been disciplined, officials said.

The laptop computer was inside a car belonging to a home care nurse 
care
when the car was stolen Aug. 5 on Agnes Street in Detroit. It was
recovered Wednesday after hospital security officials received more 
about
50 tips from area residents responding to a hotline number 
disseminated by
local media.

[...]

_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss
Tracking more than 142 million compromised records in 307 incidents 
over 6 years.


_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss
Tracking more than 142 million compromised records in 307 incidents over 6 years.

Current thread:

Stolen laptop returned to Beaumont Hospital lyger (Aug 23)
- Re: Stolen laptop returned to Beaumont Hospital World Privacy Forum (Aug 24)
  - Re: Stolen laptop returned to Beaumont Hospital George Toft (Aug 24)
    - Re: Stolen laptop returned to Beaumont Hospital Chris Walsh (Aug 27)