Calif. system's patient data was available on Google
A California hospital system left the data of 32,755 of its patients exposed online.
The three-hospital Cottage Health System in Santa Barbara notified its patients that their personal health information (PHI) may have been available on Google. A third-party vendor removed electronic security protections for one of its services, unbeknownst to the health system, according to a letter mailed to patients.
PHI was left unsecured and exposed for nearly two months and included patient names, dates of birth, medical diagnoses, lab results and procedures, medical record numbers, account numbers and addresses.
The letter also said the system has taken steps to prevent this from occurring again, "including reviewing service relationships with third party vendors, expanding and increasing the frequency of internal and external security checks, and enhancing our 'change notification system.'"
Editor Beth earned a bachelor’s degree in journalism and master’s in health communication. She has worked in hospital, academic and publishing settings over the past 20 years. Beth joined TriMed in 2005, as editor of CMIO and Clinical Innovation + Technology. When not covering all things related to health IT, she spends time with her husband and three children.