Monday, August 22, 2011
Online medical records are supposed to be secure. But the files of 300,000 Californians were recently discovered to be unprotected.
California The medical records of nearly 300,000 Californians have been exposed on the Internet. The firm responsible for the data says it believed the information was protected.
Southern California Medical-Legal Consultants put the files on a website it thought only employees could access. But it turns out the information was visible to anyone.
The files included descriptions of workers' comp claims and Social Security numbers.
Beth Givens directs the San Diego non-profit Privacy Rights Clearinghouse. She said this kind of information is extremely delicate.
"In this case, it was not password protected, and given the sensitivity of the information it should also have been encrypted," Givens pointed out. "And frankly, those two methods of protection are not all that difficult."
The data breach is the latest in a series of large security lapses in California. Earlier this year, insurer Health Net said hard-drives containing information from 1.9 million members had disappeared.
Givens said that since 2005, more than half-a-billion records nationwide have been exposed online.