A USB key containing vital health record of 763 patients was stolen from a University Health Network employee in Ontario. Soon after, Ontario’s privacy commissioner Ann Cavoukian has launched a new awareness campaign for health care workers.
She said all patient information copied onto mobile devices like laptops, PDA’s, USB keys etc must be encrypted because health care workers don’t seem to recognize the fact that information in such devices poses a privacy risk.
Currently, all clinical devices such as laptops and desktops are encrypted at University Health Network comprising of Toronto General, Toronto Western and Princess Margaret hospitals. Dr. Bob Bell, President & CEO stated that by the end of September, all research computers will be encrypted.
We are in the process of putting USB keys across the organization that are encrypted. We told all our staff they must put patient information on an encrypted device if they need to put it on a device at all. The next step is to move to an encryption of any kind of downloading from a clinical site onto a remote device,” he said.
“This step will, however, create compatibility issues with other programs UHN staff use in teaching and research. It will make things more difficult but our first priority is the safety and confidentiality of our patients,” he added.
Police was notified by the UHN officials after a pharmacy assistant, doing an analysis of antibiotics in surgical patients, got her purse stolen.
“I don’t think there’s any suggestion that there’s valuable information on the USB key or that people actually knew what was in her purse or even that people would understand the data that’s on there,” said Bell.
He added that patient names, admission, discharge and medical procedure dates were in the files, but OHIP numbers, addresses, phone numbers or any other information that could compromise the financial security of the patients was not in the files.
UHN staff received notice of the “Think Before You Copy” campaign on Wednesday, encouraging them to reconsider the transfer of files to mobile devices, and to use encryption and password protection.
“Personal health information is the most sensitive information about you that exists…the fact of disclosing what surgical procedures you had, indicating what ailments you had, that alone is highly damaging from a privacy-invasive perspective,” said Cavoukian.
This is one amongst the many incidents of computing devices being stolen from healthcare workers. Previously, a laptop of a UHN employee was stolen from a car.
Data Security with Alertsec Xpress
If you use a data security software a theft would simply be reduced to an insurance matter and cost of the hardware plus time to rebuild the laptop. That is certainly a small price to pay compared to what can happen if you lose confidential or sensitive data. Alertsec Xpress offers a very good and easy-to-use laptop security service that includes more than the traditional software licensing model. Feel free to subscribe for your personal 30-day free trial and secure your systems right now.
Related articles by Zemanta
- Stolen USB key contained health records (thestar.com)
- Hundreds of Ont. patient health files stolen (cbc.ca)
Is this a common problem in Ontario, or Canada in general? It’s becoming an increasing concern in the US, that’s for sure.