What started out as a billing-and-payment analysis for Stanford Hospital ended up as a major data security breach for the institution. A patient recently discovered the public posting of medical records for 20,000 emergency room patients. Exposed data included names and diagnosis codes.
The detailed spreadsheet somehow made its way from a hospital vendor, Multi-Specialty Collection Services, to Student of Fortune, a paid homework helper site, as an example of how to convert data into a bar graph. An investigation into the breach is underway.
The Stanford Hospital incident is far from unique; the U.S. Department of Health and Human Services released information showing that personal medical data for more than 11 million people has been exposed during the last two years. The New York Times reports that, since passage of the federal stimulus package, which included provisions requiring prompt public reporting of breaches, the government has received notice of 306 incidents between September 2009 and June 2011 that affected at least 500 people. Four of the breaches involved more than a million individuals each.
Source: The New York Times