A data breach at Stanford Hospital & Clinics in Palo Alto, Calif., resulted in the public posting of medical records for 20,000 emergency room patients, according to a New York Times report.
The data has been publicly available for nearly a year on a website but was detected by a patient and reported to the hospital only last month. The records included names, diagnosis codes, account numbers, admission and discharge dates and billing charges for patients who visited the hospital's emergency room in a six-month period in 2009. Social Security numbers, dates of birth, credit-card accounts and other information traditionally used for identify theft were not included.
A detailed spreadsheet was originally in the possession of one of the hospital's vendors, Multi-Specialty Collection Services, but in Sept. 2010 was found on a homework help website called Student of Fortune. The spreadsheet was posted as an attachment to a question about how to convert the data into a bar graph. The website deleted the post once notified by Stanford Hospital.
Stanford Hospital is offering free identity protection services to affected patients.
HHS Reports Data Breaches of Protected Health Information in 2009-2010 to Congress
28 Health Data Breaches in the Past 6 Months
The data has been publicly available for nearly a year on a website but was detected by a patient and reported to the hospital only last month. The records included names, diagnosis codes, account numbers, admission and discharge dates and billing charges for patients who visited the hospital's emergency room in a six-month period in 2009. Social Security numbers, dates of birth, credit-card accounts and other information traditionally used for identify theft were not included.
A detailed spreadsheet was originally in the possession of one of the hospital's vendors, Multi-Specialty Collection Services, but in Sept. 2010 was found on a homework help website called Student of Fortune. The spreadsheet was posted as an attachment to a question about how to convert the data into a bar graph. The website deleted the post once notified by Stanford Hospital.
Stanford Hospital is offering free identity protection services to affected patients.
Related Articles on Data Breaches:
HHS' Annual Report on HIPAA Compliance Reveals Top Issues for InvestigationHHS Reports Data Breaches of Protected Health Information in 2009-2010 to Congress
28 Health Data Breaches in the Past 6 Months