Ca: Etobicoke General Hospital laptop theft exposes thousands of hospital records
CBC News reports:
Medical records for thousands of patients at Etobicoke General Hospital could be in the wrong hands following the theft of a laptop.
CBC News has learned the personal details of 5,500 patients — including names, dates of birth and diagnostic reports — were on a laptop that was stolen in mid-January from a lab used to test brain activity.
The lab was locked but the laptop was not password-protected — contrary to hospital policy according to Ann Ford, chief privacy officer for William Osler Health System.
Read more on CBC.
Wait. The hospital’s policy is to (only?) password-protect laptops containing ePHI? Seriously? And now they’ve boosted their security by tethering laptops with cables but still haven’t deployed encryption? Do they understand how easy it is to bypass a password on a laptop?
This does not sound like adequate data security. I hope Ms. Ford misspoke about the hospital’s policies and that they actually require stronger protection.