CDPH Reports 'Big' Data Security Breach

Cheryl Clark, for HealthLeaders Media , December 16, 2010

On November 23, 2010, CDPH completed compiling the list of individuals whose medical or other personal information may have been compromised as a result of the loss of the tape. Reilly explained that it took several weeks to evaluate "thousands and thousands of documents" on the tape in order to determine which ones contained someone's personal or medical information.

California imposes fines for such medical information breaches when they occur in health settings, and the penalties are said to be the toughest in the country. For the breach of a one patient's medical record, the fine is $25,000 and for subsequent records, $17,500. As of Nov. 22, the state had fined hospitals $2.2 million for such lapses in patient confidentiality.

State officials said they have instituted policies and procedures "to minimize the likelihood of recurrence and is researching options which would eliminate the need for a backup tape."

Comments are moderated. Please be patient.

2 comments on "CDPH Reports 'Big' Data Security Breach"

Sang (12/30/2010 at 5:15 PM)
Dave, The story notes that the tape was UNencrypted. What I'm curious to know is, why is it protocol to use a private courier over the USPS? Couriers have plenty of instances of losing stuff, too. Maybe they're better at not losing mail, but it still happens. If the CDPH was serious about protecting the information, they should have a protocol calling for the use of cryptographic solutions for any digital data that is mailed.

dave (12/16/2010 at 12:56 PM)
I'm confused. If the tape was enctrypted and cannot be read, then how was there a breach??




FREE e-Newsletters Join the Council Subscribe to HL magazine


100 Winners Circle Suite 300
Brentwood, TN 37027


About | Advertise | Terms of Use | Privacy Policy | Reprints/Permissions | Contact
© HealthLeaders Media 2015 a division of BLR All rights reserved.