Have an account? Please log in.
Text size: Small font Default font Larger font
.
Radiology Daily
Radiology Daily PracticalReviews.com Radiology Daily

Lawsuit Carries Chilling Lesson: Guard Data!

October 13, 2013
Written by: , Filed in: Medical Ethics, Practice Management
  • Comments
.

A class-action lawsuit filed last month in Chicago should inspire every physician practice in the country—indeed, every health care entity of any kind—to double-check and strengthen the security of its data.

Advocate Medical Group, a large, nonprofit physician group based in Downers Grove, Illinois (a western suburb of Chicago), was the target of the suit, filed in Cook County Circuit Court. Advocate had revealed a few days earlier that four laptop computers containing personal information about more than four million patients had been stolen from its offices in Park Ridge, another Chicago suburb.

The information included names, addresses, dates of birth, and Social Security numbers for patients who had visited Advocate physicians as far back as the early 1990s. It also included some medical data, including diagnoses, medical record numbers, codes, and health insurance information.

None of it was encrypted.

The computers were password-protected, but Kelly Jo Golson, senior vice president and chief marketing officer for Advocate Health Care, the medical group’s parent organization, acknowledged that the information should not have been stored on the computers’ hard drives. She told the Chicago Tribune:

This type of data should always be maintained on our secure network.

The Illinois attorney general’s office and the federal Department of Health and Human Services both said they were investigating the data breach. The theft was part of an overnight burglary discovered on July 15.

“The most important thing is that this issue has no impact on patient care,” said Kevin McCune, MD, chief medical officer for Advocate Medical Group, in an August 23 news release that disclosed the theft.

The patients filing the lawsuit apparently thought other things were important as well. The lawsuit accuses Advocate of violating privacy regulations by failing to use adequate security measures. According to the Tribune, Advocate issued a statement saying the lawsuit was “without merit.” It added, “We want to reassure our patients that we do not believe the data was targeted and we have no information that leads us to believe that the information has been misused.”

Even if the thieves were just stealing computers without caring about the data, and even if evildoers never exploit the data, Advocate still faces huge headaches. And millions of patients face, at a minimum, longterm anxiety.

Advocate’s Golson was right: that type of data should always be secure.

* * *

Why do veterinarians oppose the medical device tax that’s part of the Affordable Care Act? Find out at our Facebook page.

Related CME seminar (up to 35.25 AMA PRA Category 1 credits™): UW Radiology Review Course “Not Just for Residents”

.

Permalink: http://www.radiologydaily.com/?p=11860

Related

  • No Related Posts
  • Comments
.

Would you like to keep current with radiological news and information?

Post Your Comments and Responses

Comments are closed.