Post a New Topic
Original post made
on Jan 21, 2013
Was the data encrypted as well as password protected? Passwords only protect you from casual theft. Private data needs to be encrypted as well.
> "As a result of this incident, we are taking additional steps to
> further strengthen our policies and controls surrounding the
> protection of patient data,
Isn't this the same thing Stanford Medical IT officials said the last time this happened? Clearly not releasing personal information in data that is going to be used by researchers does not seem to be something that they can do, or believe needs to be done. Or encrypting that information. Certainly internal ID numbers can be used to relate encrypted data to contact information kept on supposedly secure servers (which also should be encrypted).
Stanford IT people clearly understand that issuing a press release is a lot less work than coming up with a security regime for patient data that actually works.
so why was it left in the car?
This needs to be a law. So much effort into HIPPA measures, yet it's ok to keep personal info on a laptop that then leaves the security of the workplace. My law: If you have confidential personal info regarding clients on a laptop, that laptop stays at work. It doesn't belong in your car while you go eat or shop. With identity theft on the rise and quite a pain (financially and otherwise) for those who have been victimized, this should not be allowed!
Companies place security measures on protecting their own proprietary info, yet the clients are left on their own....
My spouse's workplace contacted us and said a laptop with employee personal data had been stolen -- like you, I can't believe a laptop with that info would leave the workplace! Now they're required to have encrypted data, and almost no one (even those who don't have any personnel info) is allowed to take laptops home!
Password protection means nothing. All you have to do is boot the computer in target mode and take the data (or whatever the pc filesharing equivalent is). Security is right, if the data isn't encrypted, the password isn't going to protect the data from even a casual thief.
People should be aware that their medical information isn't well protected anyway -- unless of course, a patient wants to collect all of it for their own records, then it's a real slog.
That was really stupid of someone to leave it in a car! My husband left his in the covered hatchback of his locked car, and when he returned half an hour later, it was gone, and the hatchback was open.
The police said that crooks now have technology to capture the lock signal from your electronic key when you lock your car, so they no longer have to smash the windows to break into a locked car.
The advice from the Santa Clara PD: always, always take your laptop, phone, or tablet with you, even for two minutes!
Ironic that we are blocked from accessing online info for our own children if they are 14-17, yet a physician can bring it home on his laptop!
Laptops with personal information on them need to have full disk encryption (FDE). That is, the whole disk needs to be encrypted. Logins passwords are not adequate to protect this kind of data. FDE is available from several vendors.
I would think that Lucile Packard Children's Hospital is liable for not having the laptop encrypted.
I called the Stanford Privacy office and they REFUSED to explain why patient data was on a laptop, who the physician was (male, but all they would say), and what he was doing with private data. The guy even went so far as to say that he knew the physician was "authorized" to have the data, but then backtracked and said that he had no idea who the laptop belonged to, or why info was on it, or what that physician was doing with it. But we're supposed to take his word that whomever had the data was "authorized." This is so unacceptable.
I'm not computer whiz, but it seems like Stanford has been paying lip service to security. Four security breaches in last year or so? And they say now they;re "redoubling" their efforts to get laptops encrypted? Here we are in the high tech world of Silicon Valley, and Stanford can't remotely wipe data off computers? Computers have been stolen from hospital offices, from homes. I hear only now are they locking doctor's office doors at night! Stanford, get with it. I think my daughter's PA school computer has better security and tracking that Stanford.
Don't miss out on the discussion!
Sign up to be notified of new comments on this topic.
Post a comment
Posting an item on Town Square is simple and requires no registration. Just complete this form and hit "submit" and your topic will appear online.
Please be respectful and truthful in your postings so Town Square will continue to be a thoughtful gathering place for sharing community information
We prefer that you use your real name, but you may use any "member" name you wish.
Select your neighborhood or school community: * Not sure?
- Barron Park
- Charleston Gardens
- Charleston Meadows
- College Terrace
- Community Center
- Crescent Park
- Downtown North
- Duveneck/St. Francis
- Embarcadero Oaks/Leland
- Esther Clark Park
- Evergreen Park
- Greater Miranda
- Green Acres
- Greendell/Walnut Grove
- Leland Manor/Garland Drive
- Meadow Park
- Monroe Park
- Old Palo Alto
- Palo Alto Hills
- Palo Alto Orchards
- Palo Verde
- South of Midtown
- St. Claire Gardens
- The Greenhouse
- Triple El
- University South
- Woodland Ave. area (East Palo Alto)
- Addison School
- Barron Park School
- Duveneck School
- Egan Middle School (Los Altos)
- El Carmelo School
- Escondido School
- Fairmeadow School
- Gunn High School
- Hoover School
- JLS Middle School
- Jordan Middle School
- Juana Briones School
- Nixon School
- Ohlone School
- Palo Alto High School
- Palo Verde School
- Santa Rita (Los Altos)
- Terman Middle School
- Walter Hays School
- another community
- Another Palo Alto neighborhood
- East Palo Alto
- Los Altos
- Los Altos Hills
- Menlo Park
- Mountain View
- Portola Valley
Verification code: *
Enter the verification code exactly as shown, using capital and lowercase letters, in the multi-colored box.
Why I Became Active in Palo Alto Forward
By Steve Levy | 12 comments | 2,384 views
Early Decision Blues
By John Raftrey and Lori McCormick | 0 comments | 2,034 views
By Sally Torbey | 10 comments | 1,220 views
Death with Dignity
By Chandrama Anderson | 2 comments | 1,187 views
By Cheryl Bac | 2 comments | 1,052 views
Home & Real Estate
Shop Palo Alto
Send News Tips
Circulation & Delivery
Mountain View Voice
© 2014 Palo Alto Online
All rights reserved.