[Dataloss] Stolen laptop returned to Beaumont Hospital

World Privacy Forum info2006 at worldprivacyforum.org
Thu Aug 24 15:22:39 EDT 2006


 From the Detroit Free Press article:

"Hospital officials said an independent computer expert determined that 
the laptop’s patient information was not accessed during the time it 
was missing. Yet, they added that the agency will continue to offer 
free credit monitoring to the 28,473 patients whose information was on 
the laptop."

I've seen several media reports saying similar things such as "the data 
wasn't accessed"  after post-breach recovery of computers. What isn't 
being said, of course, is that the entire drive could have been copied 
without specific data being accessed. The "data wasn't accessed" 
statements need some substantial qualifiers, I think.  This is a real 
flaw in some of the reporting on this issue -- my hope is that even the 
most general reporting of this becomes more tuned into the copy issue. 
While not everyone will know how to copy a drive without leaving 
footprints, the professionals will.

Pam Dixon




On Aug 23, 2006, at 6:05 PM, lyger wrote:

>
> (follow-up to previous post)
>
> Courtesy Audit (attrition.org)
>
> http://freep.com/apps/pbcs.dll/article?AID=/20060823/NEWS99/60823026
>
> August 23, 2006
> By Kim Norris
>
> A stolen laptop filled with medical and personal information of more 
> than
> 28,000 patients of Beaumont Hospital Home Care was returned Wednesday,
> without any of the patients. information accessed, Beaumont Hospital
> officials said.
>
> Several unnamed employees have since been disciplined, officials said.
>
> The laptop computer was inside a car belonging to a home care nurse 
> care
> when the car was stolen Aug. 5 on Agnes Street in Detroit. It was
> recovered Wednesday after hospital security officials received more 
> about
> 50 tips from area residents responding to a hotline number 
> disseminated by
> local media.
>
> [...]
>
> _______________________________________________
> Dataloss Mailing List (dataloss at attrition.org)
> http://attrition.org/dataloss
> Tracking more than 142 million compromised records in 307 incidents 
> over 6 years.
>
>
>



More information about the Dataloss mailing list