Personal Information Posted on Hospital Web Site

August 29, 2006

A computer glitch on a hospital web site left some people at risk for identity theft.

Names, birth dates, and social security numbers of various healthcare workers were posted on Valley Baptist Medical Center's web site late last week.

The personal information came from an online application filled out by workers who provide services and bill the hospital.

The mistake was first discovered by a Houston resident visiting the web site.

"I was shocked, " says Maria Hinojosa. A victim of identity theft herself, Hinojosa says she realized something was very wrong.

Hinojosa provided NEWSCHANNEL 5 with four names of the potential 73 victims.

We contacted two of those people. Both expressed outrage over this security breach, but they declined an on-camera interview.

When NEWCHANNEL 5 contacted the Valley Baptist Medical Center, they said the problem was already fixed.

A hospital spokesperson says it was a programming error they "were able to contain immediately."

No one knows for sure how long the private information was accessible.

Valley Baptist workers say the privacy of their own employees and patients was never compromised. But they add, they're auditing their computer system to get some answers.

Valley Baptist is contacting people whose personal information was posted online. If you believe you may be a victim, you're asked to call 877-840-5999.

main page ATTRITION feedback