Medical Data on 365,000 Patients Stolen
Anonymous writes "Backup tapes and disks with data on 365,000 patients were stolen out of the car of a worker at a healthcare company in Portland. According to this Computerworld story, the tapes were in his car because he took them home as part of a disaster recovery plan, to protect the information from fire and other on-site disasters. D'oh!"
What's the problem (Score:5, Funny)
Re:What's the problem (Score:2, Funny)
Taking information on people without their consent should be a crime of the highest magnitude.
I, personally, am looking forward to hearing what George Bush has to say on the matter.
Re:What's the problem (Score:2)
As everyone on /. knows by now, data can not be stolen.
Re:What's the problem (Score:2)
As everyone on
Well it can't easily be stolen if it isn't kept all in one place. I work in the UK's National Health Service at the moment, and over here, primary care (local medical practices) still have control over their local database. Unfortunately, the government is trying to railroad practices into handing it all over to a centralised system. (They're on a control trip again, and wanting to funnel huge quantities of money to the companies that have been push
Re:What's the problem (Score:2, Interesting)
The security requirements are incredible...we had to make a physically separate LAN for the NHS approved kit which cannot be shared with anything else - the building now has 2 distinct sets of CAT5 cabling.
Interestingly enough however, the recommended practice for backups is to take them offsite. I got root to the db machine and looked at the backup script
Re:What's the problem (Score:2)
Re:What's the problem (Score:2)
Well, the question is ... (Score:5, Insightful)
Re:Well, the question is ... (Score:4, Funny)
Funny you should mention that (Score:3, Informative)
Washington law demands that notification occur if there's any chance that the information could be used criminally. Since we too operate in Washington, we're also complying with that law.
Essentially you must notify each person directly unless the cost of doing so is upwards of a million dollars
Re:Funny you should mention that (Score:2)
Re:Funny you should mention that (Score:2)
Re:Funny you should mention that (Score:2)
I support a billing and collections office in the healthcare industry. I wouldn't say that this kind of mistake happens "all the time" but it is honestly an easy mistake to make. That's one of the reasons we have our fancy legal disclosure thought up by the company lawyers and plastered all over our cover sheets.
Furthermore, I am led to believe that there would still be legal ramifications if the insurance company which receives
Yes but it failed... (Score:2)
what the fucking fucking fuck?? (Score:2)
"The tapes and disks were taken home by the employee as part of a backup protocol that sent them off-site to protect them against loss from fires or other disasters. That practice, which was only used by the home health care division of the hospital system, has since been stopped, said health system spokesman Gary Walker."
This was part of the company's protocol? An employee taking the shit home and leaving it in his car? Personal/medical/financial data for umpteen hundreds of thousands of people? W
Hehe (Score:5, Funny)
Walking to the bank. (Score:2)
Of course, it doesn't help when the bank that your manager has forced you to use has really poor security of their safety deposit box. Banks are unbelievable. Unbelievably stupid that is.
Re:Hehe (Score:2)
Note to any female that reads my files: I'm still waiting for confirmation that the itching sensation is actually crabs.
Reply to sig. (Score:2)
Mwa ha ha ha!!!
Contact me for the address where you can send the reward check.
The further story (Score:5, Informative)
The data on the tapes was encrypted, Walker said. The data on the disks was in a proprietary file format that was not encrypted, but "is stored in a way that would make it difficult, if not impossible, for someone to access it, then make any sense out of it," he said.
So not as bad as the summary seemed to indicate, but still not the greatest thing to have happen.
Especially if that proprietary file format "difficulty" is just the fact that the files are in some old version of Word.
Re:The further story (Score:2, Informative)
Re:The further story (Score:3, Interesting)
Much worse! Data really on disks! (Score:5, Insightful)
In an announcement yesterday, Providence Home Services, a division of Seattle-based Providence Health Systems, said the records and other data were on several disks and tapes stolen from the car of a Providence employee at his home. The incident was reported by the employee on Dec. 31, according to the health care system.
The data on the tapes was encrypted, Walker said. The data on the disks was in a proprietary file format that was not encrypted, but "is stored in a way that would make it difficult, if not impossible, for someone to access it, then make any sense out of it," he said.
So think about it - Tapes AND Disks were stolen (at first I had thought it was just tapes). The hard to read media (tapes) were encrypted. But it doesn't matter, chuck 'em in the river because the DISKS (far easier to read by any fool with a computer) have data that is in a format that is just "hard to read"!!
Give me five minutes with Emacs and/or a Hex editor and/or Strings and I'll bet I could start churning SSN's out of the files right quick! I don't care if they are ISAM or DB2 or Pig-Latin! Security by file format obscurity is zero security, that data has to be treated as widely known at this point.
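An added example, not part of the original comment: a pre-shipment check a backup operator could run, built around the comment's point that an unencrypted "proprietary file format" still shows its contents to a strings-style scan. The record layout (`PHR1`), the sample names and the SSN-shaped values are constructed for illustration, and the SHA-256 stream is only a stand-in for an encrypted tape image.

```python
import hashlib
import math
import re
import struct

PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{4,}")  # the runs strings(1) would print
SSN_RE = re.compile(rb"(?<!\d)(\d{3})-?(\d{2})-?(\d{4})(?!\d)")


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; properly encrypted data sits close to 8.0."""
    if not data:
        return 0.0
    counts = [0] * 256
    for byte in data:
        counts[byte] += 1
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in counts if c)


def plausible_ssn(area: bytes, group: bytes, serial: bytes) -> bool:
    """Discard shapes that are never issued: area 000/666/9xx, group 00, serial 0000."""
    return (area not in (b"000", b"666") and not area.startswith(b"9")
            and group != b"00" and serial != b"0000")


def audit_media(blob: bytes, min_entropy: float = 7.5) -> dict:
    """Decide whether a backup image may leave the building."""
    hits = []
    for run in PRINTABLE_RUN.finditer(blob):
        for match in SSN_RE.finditer(run.group()):
            if plausible_ssn(*match.groups()):
                hits.append(match.group().decode())
    entropy = shannon_entropy(blob)
    # High entropy is necessary for ciphertext, not proof of it (compression
    # also scores high), so this gate only catches the clearly unencrypted case.
    return {"entropy": round(entropy, 2), "ssn_like": hits,
            "ok_to_ship": not hits and entropy >= min_entropy}


def make_record(rec_id: int, name: str, ssn: str) -> bytes:
    """Constructed 'proprietary' layout: magic, id, NUL-padded fixed-width fields."""
    return struct.pack("<4sI32s11s", b"PHR1", rec_id, name.encode(), ssn.encode())


def stand_in_ciphertext(size: int) -> bytes:
    """Deterministic stand-in for an encrypted tape image (SHA-256 over a counter)."""
    blocks = (hashlib.sha256(i.to_bytes(8, "big")).digest() for i in range(size // 32))
    return b"".join(blocks)


# Constructed sample data; 078-05-1120 is a publicly voided specimen number.
DISK_IMAGE = (make_record(1, "DOE, JANE", "078-05-1120")
              + make_record(2, "ROE, RICHARD", "900-12-3456"))
TAPE_IMAGE = stand_in_ciphertext(65536)

if __name__ == "__main__":
    print("disk:", audit_media(DISK_IMAGE))
    print("tape:", audit_media(TAPE_IMAGE))
```

The binary header and fixed-width padding do nothing to hide the identifier, so the disk image fails the gate while the high-entropy image passes it.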
Re:Much worse! Data really on disks! (Score:2)
Or, depending, you could end up with
Re:The further story (Score:2, Funny)
Good point, I'm sure it will be just fine. On an unrelated subject, Daeley, just out of curiosity, how is that spastic colon of yours doing?
Re:encrypted (Score:2, Funny)
And that's why... (Score:5, Informative)
Oh, and make sure the vault they keep them in is a) real and b) really able to withstand ANY disaster.
Re:And that's why... (Score:2)
Probably not. An archive company would not leave them in the truck. Professionals, chain of custody...the truck is used only for transport, not storage.
Re:And that's why... (Score:2)
Or you know, I might be wrong. Maybe it's possible that they do in fact drive to each customer's location individually for tape swapping.
Re:And that's why... (Score:2)
Possible, but unlikely. More likely they will have more than one person in the vehicle, and the vehicle will never be unattended. Ever see an armored car work? Two go in, one stays in the truck. Three people to pick up from one place. It would be simple to do the same with the courier for secure tapes.
Re:And that's why... (Score:2)
Yeah, I have used it before. Are you complaining that you will do something you know to be wrong because you are too stupid to be able to justify the right thing to the people writing the checks? The Right Thing usually costs money. When the alternative is insecure tapes (both for theft and loss when they are needed for the business), the extra cost doesn't look like too much.
Next week... (Score:3, Funny)
Re:Next week... (Score:2)
hmmm (Score:4, Interesting)
And storing the tapes in your car? What happens if it's 100 degrees outside?
Where I work, they make the backup copies and have someone drive them to one of the other branches at the company. They make a backup every day and keep seven days' worth of backup in rotation so if something went wrong 6 days ago and they backed up the problem every day, they have the 7th backup left to work with...
Unfortunately I don't know what their view on encrypting the data is. With as anal retentive as the IT VP is about security though, I can't imagine they wouldn't be encrypted...
Re:hmmm (Score:2)
Re:hmmm (Score:2, Insightful)
Re:hmmm (Score:2)
Re:hmmm (Score:2)
It probably isn't encrypted. They probably think it's ok since it is only in transit for 20 minutes (or whatever it is).
Of course, if the car is involved in an accident, the driver seriously injured and the tapes get stolen during or after the accident cleanup... ooops.
This stuff happens every day. And it will continue to happen.
Re:hmmm (Score:2)
Props to your IT VP. Being anal about security is his job.
Re:hmmm (Score:2)
Why is anyone allowed to take the records? (Score:2, Insightful)
Re:Why is anyone allowed to take the records? (Score:2)
Re:Why is anyone allowed to take the records? (Score:2)
Hard to believe this mistake (Score:3, Informative)
Is it really theft? (Score:5, Interesting)
I can see hard disks being stolen..... but not tapes in the one case. Thieves like to take items with obvious value. Am I missing something here? Isn't it possible the workers simply sold the data?
Re:Is it really theft? (Score:2)
Re:Is it really theft? (Score:2)
Re:Is it really theft? (Score:2)
Maybe the thieves thought the tape cans contained pizzas.
TFA says "backup data disks and tapes". I assumed the disks were CD (not hard or floppy). I guess the tapes would be cassettes, not reel-to-reel cans as I joked above.
Re:Is it really theft? (Score:2)
Consider:
1. Techno-savvy miscreant sees employee leave medical building carrying piles of disks and tapes. (the disks, if CDs, could be mistaken for audio CDs, but the variety of backup tapes that I have seen used in recent years look more like 8-track cassettes than DAT or old-school two-sided stereo audiocassettes)
2. Techno-savvy miscreant ceases nearby dumpster-diving activities and stealthily zeroes in on the jackpot.
3. ??????
4. Profit!
Re:Is it really theft? (Score:2)
The data might pop up somewhere and if the health insurance company catches on, it suddenly becomes a corporate spying case. If it's reported stolen, the excuse for it popping up somewhere later is built-in.
What century is this? (Score:2)
Re:What century is this? (Score:2)
Re:What century is this? (Score:2)
OK (Score:3, Insightful)
Re: 365,000 (Score:2)
Re:OK (Score:2)
Any manager who required employees to take data home should be fired. I would be surprised if the company's insurance policy covers this. My home insurance specifically covers my stuff in storage or in transit, away from home, but would a corporate policy cover informal arrangements to store stuff in employees' cars or homes?
Re:OK (Score:2)
Although anyone with sensitive corporate information in a home has a problem.
Thanks, buddy! (Score:3, Funny)
I think I speak for everyone when I say... (Score:2)
Partially encrypted (Score:5, Interesting)
For much the same reasons cited here our company backups are taken offsite (daily) -- only difference is that instead of tapes and disks we found that for speed, volume, and cost it was better to go with external hard drives (I figured this out almost ten years ago myself
Even though we are a small organization (under a few hundred employees) the data is encrypted. That was step one and one of the most important IMHO. The average Joe who finds / steals any of our external drives (which has never happened thankfully) would be hard pressed to even figure out the filesystem (Ext3). Not that that would really slow down anybody who knows what they're doing -- nor was it done for security (I just like / trust Linux
Of course I can think of other problem areas where data is flying around unencrypted and sensitive. The Department of Employment Security (which many states all report to for and through payroll to track dead beat dads) takes their data with your social security number in a plain ASCII text file sent through the US mail on a floppy. What happens when you lose a floppy, or what do they do with the processed disks?
Fortunately and unfortunately we need and there will be laws requiring any such sensitive information to be encrypted for "National Security" (Big Brother [tm]) reasons. It's only a matter of time. It is unfortunate that it will take a law and more bureaucratic BS to make this happen, it is fortunate for all our privacy and the fact someone has to program this (more work for me
Re:Partially encrypted (Score:2)
Ahh... that explains why I couldn't mount those drives I just stole from you. Thanks for the tip!
--Rob
Don't Use Your Car (Score:2, Interesting)
Bottom Line: Secure transport and storage plans are required no matter how sensitive or mission critical your inf
Absurd (Score:2)
100000 * 8 * 365000 / 1500000 / 60 / 60 / 24 == 2.2 days
I just think it's really funny how many people still feel like storage and bandwidth are so scarce. A patient database is nothi
Re:Absurd (Score:2)
If whoever sets up/designs the system doesn't know about VPNs then they have much bigger problems to worry about.
Re:Absurd (Score:2, Insightful)
And if you can (which you can't) you will find that every state health agency in the country, most federal agencies, and most hospitals and health care providers are in violation.
HIPAA only requires you to make every possible effort to protect data. Protection can include things like encryption and tunneling, all the way down to privacy screens and closed office doors.
Nothing about not using the internet...
Re:Absurd (Score:2)
Yes I'm sorry, I'm such an idiot.
Bump the number up to 100MB per client and figure how big a daily diff might be - still no need to be trucking tapes around.
I Live In Fear of This (Score:5, Interesting)
Let's review here: we have a fake DR strategy which adds an hour to every file restore and exposes us to data theft. Sounds good huh? I have repeatedly told our brass it would be better to do nothing, but their position is "We don't want to tell the newspapers we had no DR strategy when the disaster strikes."
How do we remediate this? Well, we could encrypt the tape but that is a big pain in the ass and has its own disadvantages. Really, the answer is to get off our ass and build a DR data center so the potentially deadly placebo goes away.
Re:I Live In Fear of This (Score:2)
Re:I Live In Fear of This (Score:2)
Like I said, just getting the servers, network and SAN har
Re:I Live In Fear of This (Score:2)
Re:I Live In Fear of This (Score:3, Insightful)
risk acceptance letter (Score:2)
Re:I Live In Fear of This (Score:2)
Re:I Live In Fear of This (Score:2)
In other news... (Score:5, Funny)
Ah, more digital leakage that no... (Score:2)
a matter of the human factor and Murphy's laws...
I see ... / I don't see (Score:2)
Until the cost of losing data becomes greater than the c
Reminds me of the last place I was fired from... (Score:2)
Sounds a bit sketchy... (Score:2, Insightful)
Not if you live in the city (Score:2)
Hell my brother had his car broken into once. The window smashed by a chunk of concrete (it was still inside) and the only thing missing was his coat, sunglasses and a broken camera we were always too lazy to simply take out.
Re:Not if you live in the city (Score:2)
I've had my car broken into several times. They always take the items that are easy for them to re-use or have street value. They may leave things with actual value. It's best to hide anything which could be sold for more than about $5.
Re:Sounds a bit sketchy... (Score:2)
Wha? huh? (Score:2)
What genius of a CIO thought an employee taking copies of tapes home in their car constituted a good disaster recovery plan? Especially in light of the flurry of highly publicized losses of customer information in recent months. My head is spinning just thinking about all the ways that a set of tapes in someone's car could be compromised.
If this isn't a case where a C-level executive loses his/her job -- in a very public way -- for allowing such a bone-headed plan to be put in place then I don't know wh
I guess no one has heard of encrypting backups. (Score:2)
A company I used to work for in the wagering business used 9 track tapes (many states specify it in their laws, so we just used 'em everywhere). Not only are the channels not arranged to standard form, but the data itself is encrypted according to a variable password. The only clear block on the tape is the first, which gives you the sequence and index of the password. Then you h
Re:I guess no one has heard of encrypting backups. (Score:2)
My take... (Score:5, Informative)
First of all, while it may shock many IT people that hospitals would use such rudimentary forms of backup and with little encryption, you have to understand that the state of IT in the medical world is backwards. Very backwards. There are a variety of reasons for this. One is that information systems are designed by IT people with little to no understanding of how the healthcare system works (which is understandable - many people in healthcare have little understanding of how it works). At the same time, you have healthcare professionals who really don't understand the full potential of how IT can be applied to healthcare or what its limitations are, but at the same time will complain about solutions that the IT world comes up with. There's this chasm between the two worlds and what you end up getting is a solution that no one likes and you end up having to go back to the drawing board over and over and over. It is absolutely amazing how much money gets sunk into medical IT and how very little progress it has made.
Another reason is the vast amounts of red tape in the medical world that are MEANT to prevent lawsuits and provide the best quality healthcare. But there's so much that what it really ends up doing is bringing any kind of progress or new idea to a grinding halt. There is no industry I can think of which is so ill adapted to making changes even when they're necessary or make sense. The legal world has the medical world frozen in fear of the next litigation. The result is a paradoxical decrease in healthcare quality and increased costs.
Medical information privacy is one of those issues that seems to always be #1 on the list of concerns of electronic medical records. This has always been rather strange to me. How many people are really all that concerned with someone knowing about their cold, or their broken leg? Most people don't have much they would really care about hiding in their medical records. Of course, there are the people with mental illness, HIV, or sexually transmitted diseases. But even then, what exactly is this thief going to do with that information? IMHO medical information privacy is more of a theoretical concern than a real-life concern.
And then of course, there's the REAL reason people are concerned with medical information being digitized: identity theft for money reasons. I really blame the credit card industry for this more than anyone else. It's surprising to me that they could simply issue a credit card if someone just writes down a name, social security number and address. In this day and age with inexpensive biometric security systems, one would think they could require a submission of a fingerprint (or two). Hell, nowadays with branch offices literally EVERYWHERE, they could simply request you come in with your driver's license. It seems to me that it would be in a bank's best financial interests to do something like this.
Just my $0.02.
Re:My take... (Score:2)
Re:My take... (Score:5, Interesting)
Many people are vulnerable to blackmail about sensitive aspects of their medical records, including--but hardly limited to--sexual and mental health. Similarly, people may avoid seeking medical advice for such conditions if they fear that they cannot speak in confidence. And large networked databases simultaneously increase the value of the data to malicious users (more chance of finding something interesting) and the opportunities for access.
Of course, the major threats are all internal, not external -- malicious insiders.
Re:My take... (Score:2)
In this case, it is just a stupid provider. I agree that there is a whole lot of red tape in health care, but what they did are the two first things you learn when you go
The disks weren't encrypted. (Score:2)
And even better, what if the plain text on the disks is also on the tapes? Since you have the plain text original, you can easily decrypt the final encrypted version.
They are just trying to make it soun
Childish excuses? (Score:2)
You use your own basement as a "disaster recovery" site?
This sounds more like an excuse for some other dirty thing, like data loss, to be covered up.
And, of course, we all suppose that those backups have been recorded with strong cryptography, right?
In any case it seems that the major threat to information security is humanity.
Data left out in the open (Score:2)
Ironically, several Britney Spears, Backstreet Boyz and N*SYNC CDs were still found in the back seat, unharmed.
Responsibility in action? (Score:2)
In my country in the middle of Europe, that itself would be a crime. No one could possess any personal data (including making copies of personal documents) the law does not say explicitly he can. 8 years in prison.
Why were the backups in an empty car? (Score:2)
Unless you get attacked on the way to the bank (and if you think that likely, take steps to provide security for the transfer - maybe an armored car if it is that sensitive), there shouldn't be an opportunity for anyone to gain access to the data. Usually keeping a low profile, and varying the times and days you make th
Encryption?.... (Score:2)
social security numbers still used as medical ids (Score:2)
Re:just say no to SSN#s (Score:2)
Re:just say no to SSN#s (Score:2, Informative)
Re:just say no to SSN#s (Score:2)
The 1,000 page memo, you mean? (Score:2)
Okay, granted, "I'll make photocopies of the paper files and put them in the back of my Gremlin" doesn't come close to any standard of privacy protection, with or without the law. But HIPAA's so far-reaching that it can sort of paralyze people and organizations, to the point where t