Top 10 Data Breaches from 2011: #9

#9:  300,000 Medical Records Put Online

Summary:  About 300,000 detailed medical records sat on the Internet unsecured for several months.

Details:  Insurance forms, Social Security numbers and doctors’ notes. Among the files were summaries that spelled out, in painstaking detail, a trucker’s crushed fingers, a maintenance worker’s broken ribs and one man’s bout with sexual dysfunction.

Why Significant: This is significant for several reasons:

  • Highlights the persistent interest in taking medical records.  According to Privacy Clearinghouse, medical records are a consistent “favorite” every year for hackers and insiders.
  • This breach illustrates how to use medical records:
    • Criminals:  Blackmail and public humiliation.
    • Noncriminals:  “The information can also be used by insurance companies to inflate rates, or by employers to deny job applicants.”
  • Foreshadows issues with broader digitization of electronic health records.  Obamacare requires digital health records by 2014–but are we ready from a security standpoint?

Leave a Reply

You must be logged in to post a comment.