UF warns patients of security breach

May 20, 2008

Jacksonville Business Journal


University of Florida officials will be notifying about 1,900 patients of a UF plastic surgeon that their private health information might have been breached after the information was managed and disposed of improperly.

Dr. Francis D. Ong, a UF assistant professor of plastic surgery at the UF College of Medicine-Jacksonville, stored unsecured digital photographs of his patients and identifying information -- such as names, dates of birth, Social Security numbers, and Medicare numbers -- on a computer. Ong then gave the computer to a family he was friends with in late January or early February this year.

One of the friends using the computer replaced its operating system, resulting in the permanent loss of most of the patient information.

According to UF policy, confidential patient information should only be stored in highly secure university servers, not individual computer hard drives.

"Dr. Ong's storage of these pictures and related data on this computer and his subsequent transfer of the computer to a family were in violation of University of Florida policy," said David Behinfar, a privacy compliance manager at the College of Medicine.

The UF privacy office mailed letters to patients May 19, which included a brochure offering safeguarding advice and a privacy office hotline number. Concerned patients of the College of Medicine can call the hotline at 866-876-4472.

main page ATTRITION feedback