Laureen OBrien, CIO of Providence Health & Services Oregon region, was in her office, just back from the 2006 New Years holiday. A phone call that Tuesday, Jan. 3, brought news that every CIO dreads. Someone had stolen a computer bag out of a systems analysts car four nights before.
Gone were 10 computer disks and tapes holding information on what would turn out to be more than 365,000 patients—everything from Social Security numbers and birth and death dates to diagnoses, prescriptions and insurance numbers.
Data on doctors was missing, too, including Medicare and Medicaid numbers, state license numbers, names, addresses and phone numbers.
/zimages/3/28571.gifBoeing confirms its third data security breach since November 2005.Click hereto read more.
As noted by state Attorney General Hardy Myers, who would soon open an investigation, this was the biggest data breach ever reported in Oregon.
/zimages/3/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis InternetsSecurity IT Hub.
The incident also exposed Providence to a relatively unknown, costly and potentially dangerous variation of ID theft—medical ID theft. Here, thieves can use stolen information to obtain treatment in victims names, corrupt their medical records and file false insurance claims.
People whose health records are stolen and falsified may get the wrong medical treatment, find their insurance exhausted or become uninsurable, says Pam Dixon, executive director of World Privacy Forum and author of a report, Medical Identity Theft: The Information Crime that Can Kill You. Medical ID theft “can affect your health and well-being,” she warns.
/zimages/3/28571.gifRead the full story on Baselinemag.com: Identity Theft: Providence Healths Serious Pain
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.