HIPAA Breach for URMC – Third one!

According to Eric McCann, Associate Editor of HealthcareITNews, one of its doctors lost an unencrypted USB drive.
The lost drive had health information of 537 patients, according to the report. The drive had patients’ names, genders, ages, dates of birth, telephone numbers, medical record numbers, orthopedic physician’s name, dates of service, diagnostic studies, procedures and complications, if any, etc. Officials, according to this report, said that social security number or insurance information of these patients was not compromised.

As I read through the report in terms of what the URMC staff is doing, there’s education involved, but a lot of work required on staff’s part.

I just don’t understand why people feel a need to download data. With secure cloud, web based EMR systems, this need is totally eliminated. Granted that hospitals may not want to trust a traditional cloud provider, but then technologies allow them to host a ‘Private Cloud’ based EMR.

Time for people to grow up.