‘Bored’ patient breaches data of 15,000 from N.H. health department

Hacking skills weren’t needed to gain access to confidential patient information of 15,000 individuals who had received services from the New Hampshire Department of Health and Human Services. All it required was a public computer.

According to the New Hampshire Union Leader, information like Social Security and Medicaid identification numbers was readily available on computers in the library of the state’s psychiatric hospital. In October 2015, a patient allegedly copied the information, emailed it to his own Gmail account and later posted it to Facebook—all because he was “bored and not happy being in the hospital,” according to a court affidavit.

While hospital staff quickly noticed the unauthorized access and banned the patient from using hospital computers, no report of the breach was made.

“There is no indication that the supervisor ever notified anyone in management of New Hampshire Hospital or anyone in HHS at that time,” said department commissioner Jeffrey Meyers. “What should have happened is the supervisor should have reported up the incident so that it could have been fully investigated at that time.”

For more on the breach and the holes in the department’s cybersecurity, click on the link below: 

""
John Gregory, Senior Writer

John joined TriMed in 2016, focusing on healthcare policy and regulation. After graduating from Columbia College Chicago, he worked at FM News Chicago and Rivet News Radio, and worked on the state government and politics beat for the Illinois Radio Network. Outside of work, you may find him adding to his never-ending graphic novel collection.

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.