U.Va. med center warns of potential privacy breach

[Erica Absetz <eabsetz () opensecurityfoundation org>]

http://hamptonroads.com/2012/12/uva-med-center-warns-potential-privacy-breach

The Associated Press
© December 3, 2012

CHARLOTTESVILLE

The University of Virginia Medical Center is warning patients that an
electronic device containing their medical and personal information is
missing.

The hospital began notifying patients on Friday about the potential
security breach. A call center for patients who have questions will
open Monday.

The handheld device was used by on-call pharmacists at Continuum Home
Infusion. It went missing around Oct. 5.

Affected patients received services from Continuum Home Infusion
during September. Potential patients who were referred to Continuum
Home Infusion from August 2007 through September also could be
affected.

Hospital officials say in a statement that the device might have
contained patients' names, addresses, diagnoses and medications, along
with some Social Security numbers that also are health insurance
identification numbers.

Hospital officials don't believe the information has been accessed.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.