The University of Texas MD Anderson Cancer Center announced last week that a medical student lost a flash drive on an employee shuttle bus in July. This marks the second data breach this year for MD Anderson, which plans to increase digital security by encrypting 26,000 computers and reinforcing employee education regarding Protected Health Information (PHI) and securing portable devices.
The USB drive contained patient names, dates of birth, medical record numbers, diagnoses, and treatment and research information; it did not contain any financial information such as Social Security numbers. The drive was not encrypted. MD Anderson has begun notifying 2,200 patients whose personal information may have been compromised.
Healthcare providers and organizations are held accountable for adhering to strict HIPAA requirements regarding the security of protected patient information. For backup solutions, firewalls, or managed IT services, please contact Microwize Technology today.