Another week, another breach of patient records. Make that two breaches--one paper, one electronic; one on the west coast, one on the east coast.
First, the Los Angeles County Department of Health Services and the Los Angeles County Sheriff's Department announced that 33,000 patient records were missing from a supposedly secure location at the Martin Luther King, Jr. Multi-Service Ambulatory Care Center in South Los Angeles.
One suspect has been arrested and charged with felony burglary, CMIO reports, after an investigation started in late July revealed an employee had taken the files to a recycling company for their paper value. Custodians at MLK may have inadvertently marked the files for destruction.
On the other side of the country, NewYork-Presbyterian Hospital and Columbia University Medical Center said that electronic personal information on 6,800 patients were temporarily exposed on an organizational web page. For about 10 patients, Social Security numbers had been accessible, according to the institutions. The hospitals said there was no evidence personal data were misused.
"NewYork-Presbyterian Hospital and Columbia University Medical Center have established an internal Task Force to build upon and strengthen our existing information systems and to implement enhancements to our data security as well as improve employee awareness in our on-going efforts to prevent such exposures of data," the institutions said in a press release.
For more information:
- see this CMIO story on the MLK records
- here's another CMIO article about the NewYork-Presbyterian breach
- take a look at this NewYork-Presbyterian/Columbia University Medical Center press statement