Boy Finds USB Stick With Private Medical Records

Status
Not open for further replies.

chickenhoagie

Distinguished
Feb 12, 2010
311
0
18,930
If I knew any common sense at all, I think I would say that sensitive information you don't want people to get a hold of, such as this..should simply not be on a portable device, such as a flash drive. Lets stick with keeping that info in a storage/server room shall we?
 

jedimasterben

Distinguished
Sep 22, 2007
12
0
18,570
That would only work, chickenhoagie, if that data didn't need to be accessed from somewhere else not on that network.

And on a semi-unrelated not, I have that EXACT same flash drive!
 

Clintonio

Distinguished
Apr 10, 2008
372
0
18,930
[citation][nom]jedimasterben[/nom]That would only work, chickenhoagie, if that data didn't need to be accessed from somewhere else not on that network.And on a semi-unrelated not, I have that EXACT same flash drive![/citation]
Internet?
 

intelliclint

Distinguished
Oct 20, 2006
23
0
18,560
A better PHI company should use an removeable drive encryption software that doesn't let the computer users copy any files to a CD or USB stick without encrypting them. I have such software werer I work.

I would also have an issue with someone even needing to copy any PHI to a USB stick to begin with.
 

eddieroolz

Distinguished
Moderator
Sep 6, 2008
3,485
0
20,730
Stupid mistake that happens all the time. You'd think these things would be encrypted or even better, not be taken out of the hospital.
 

Bolbi

Distinguished
Jul 11, 2009
81
0
18,590
[citation][nom]Clintonio[/nom]Internet?[/citation]
Yep. When my Dad works from home, I know that he connects to all his work-related files by logging into the corporate VPN.
 

mman74

Distinguished
Mar 22, 2006
210
0
18,830
Another school of thought, is if you let them do it (copy data for remote access) then should you suspend them if it get's lost. I mean he was hardly doing it to sell on the black market, most likely knowing the underpaid NHS, he wanted to work from home. If you invest in a globally accessible site with good security (dongles perhaps) that does not easily allow you to transfer the records locally then they wouldn't have this problem, instead of going heavy-handed on what was probably a very hard-working doctor.
 

rummy666

Distinguished
Apr 15, 2009
2
0
18,510
That is why I have to use a secure usb drive... so that even if I lose it, no one can get the patient information on it.
 

fishyfish

Distinguished
Dec 21, 2009
78
0
18,580
British public sector managers are dumber than I thought. After so many data leaks, lost drivers, laptops and CDs someone, somewhere should think about implementing a free to use encryption software.

No wonder this country is still in deep shit while other nations recovered from economic crisis months ago. It's simply run by a bunch of brainless idiots.
 

eyemaster

Distinguished
Apr 28, 2009
396
0
18,930
I don't know the reason for copying staff information or patient information on a USB stick. That should be confidential and only available to people who already have access to the network and that data should not be allowed to leave the facility.
 

2zao

Distinguished
Dec 27, 2009
47
0
18,580
i dont understand why this wouldnt be standard for any business without even mentioning the fact that its a hospitol which has an even greater need for security...

hell most home users should honestly encrypt their sensative documents... taxes, reciepts, etc...
 

hellwig

Distinguished
May 29, 2008
817
0
18,930
There is never a reason that an employee of a medical facility would ever need to take a patients records out of that facility. If records are being transferred to another care provider, there are already procedures in place for that.

No, there is simply no excuse for this information to ever be on a thumb drive, or for that matter, anyone's computer. It should be on a centralized storage server, and access should only be through secured remote terminals or terminal software (i.e. secured SQL server with Access front end, and only accessible on-site).

The amount of personal information that gets lost on laptops, thumb drives, etc.. is just disgusting.
 

cracklint

Distinguished
Nov 6, 2008
112
0
18,630
I found a check stubb from one of the supervisors at my work place one time when I was taking a dump in the company restroom......well I guess it doesn't have the same impact.
 
Status
Not open for further replies.