Ca: Etobicoke General Hospital laptop theft exposes thousands of hospital records

CBC News reports:

Medical records for thousands of patients at Etobicoke General Hospital could be in the wrong hands following the theft of a laptop.

CBC News has learned the personal details of 5,500 patients — including names, dates of birth and diagnostic reports — were on a laptop that was stolen in mid-January from a lab used to test brain activity.

The lab was locked but the laptop was not password-protected — contrary to hospital policy according to Ann Ford, chief privacy officer for William Osler Health System.

Read more on CBC.

Wait. The hospital’s policy is to (only?) password-protect laptops containing ePHI? Seriously? And now they’ve boosted their security by tethering laptops with cables but still haven’t deployed encryption?  Do they understand how easy it is to bypass a password on a laptop?

This does not sound like adequate data security. I hope Ms. Ford misspoke about the hospital’s policies and that they actually require stronger protection.

 

About the author: Dissent