Data breach at Grady Memorial Hospital
September 24, 2008 – 9:41 amThere was a data breach at Grady Memorial Hospital where 45 patients information leaked out onto the Internet. The web space was thought to be a secure server. Turns out that it was on public web space and anyone could have looked at it.
The data breach was discovered by one of the Grady doctors when he decided to google his name. He was shocked to discover information on some of his patients.
The Grady Memorial Hospital had outsourced the transcribing of the medical notes to a Marietta firm. The Marietta firm in turn outsourced the transcription to a Nevada contractor who in turn hired a firm out of India. The firm in India was the one that actually let the records leak onto the Internet.
45 patients were affected by the data breach. The information that was leaked included doctor’s notes, Ages, names, medical conditions, diagnosis and medical procedures. Luckily the patient’s social security number and credit card information was not included in the leaked information.
This data breach was very similar to the one that happened to state health insurance when they let 71,000 Georgia families information leak out onto the internet for several days. Every time a data breach happens like this it is a direct violation of the Federal HIPAA regulations that was designed to protect the information and privacy of patients. Grady Hospital has informed the patients of the data breach and so far no patients have suffered from it.
Tags: , Data Breach, information leak
