A Seattle-area community hospital admitted last week that it had allowed patient information--including Social Security numbers--to be exposed to Web searchers. Due to a security slip-up by a hospital contractor, data became publicly available for more than 500 patients treated at Edmonds, WA-based Stevens Hospital. The subcontractor had failed to secure one of its servers, creating a back door which made the patient data searchable by the public. The hospital is stressing that no clinical data was exposed, and that no credit card information was made available. Now that the hospital has become aware of the problem, it has contacted the affected patients, and set up a hotline offering information on how to monitor and protect their personal information.
To find out more about the incident:
- read this Stevens Hospital press release