Detroit hospital suffers second data breach within a year

The 2,777 patients were tested for urinary tract infections between July and October 2010; the lost information included names, medical record numbers, and test results, but not social security numbers or medical histories, according to a report by the Detroit Free Press.

Meredith Phillips, Henry Ford's chief privacy officer, said there was no evidence the flash-drive data were misused.

This is the second patient data breach at the hospital in a year, the paper said. In September, a Henry Ford employee's laptop was stolen from an unlocked office. The computer contained unsecured information related to prostate services that patients received between 1997 and 2008.

The hospital told the US Department of Health and Human Services that the breach involved 3,700 patients.

Hospital employees face suspension or termination if they're involved in "situations in which personal health information is left unsecured on electronic devices such as computers, smart phones or flash drives," Henry Ford said.

Since October 2009, there have been nine patient data breaches at Michigan hosptials involving records of more than 115,000 patients, according to the paper.

What’s Hot on Infosecurity Magazine?