Tuesday, March 3, 2009


Wired - An academic says he found thousands of sensitive medical records leaked over peer-to-peer networks from computers at hospitals, clinics and elsewhere. . .

M. Eric Johnson, director of the Center for Digital Strategies at Dartmouth College, says he used simple search terms on several file sharing networks and uncovered files listing patient names, Social Security numbers, birth dates, insurance carrier names and insurance diagnosis codes that revealed which patients were being treated for specific diseases. He conducted some of the searches last month and presented his findings at a conference last week.

Among about 160 files that Johnson claims contained sensitive data were two spreadsheets containing information on 20,000 patients, which identified four patients being treated for HIV-AIDS, 326 patients being treated for cancer, 201 being treated for mental illnesses and thousands afflicted with various other diseases. The spreadsheets came from a collection agency that a hospital employed to track down delinquent payments.

In addition to these records, Johnson found patient psychiatric evaluations from mental health centers in several states; patient billing information from a drug and alcohol rehabilitation center; and a spreadsheet from an AIDS clinic that listed the address, Social Security number and date of birth of 232 clinic visitors. A 1,718-page document (see document above) from a medical testing laboratory included the Social Security numbers, date of birth, insurance information and treatment codes for approximately 9,000 patients. . .

The study was partially funded by a grant from the Department of Homeland Security and comes on the heels of the $780 billion economic stimulus bill that President Obama signed into law last month, which allocates $19 billion to help build a nationwide health-information network that would convert all patient medical records to a digital format by 2014. . .


Post a Comment

<< Home