Earlier this week officials at the Women & Infants hospital in Rhode Island disclosed that ultrasound images along with personal data including names, birthdates and Social Security numbers of approximately 14,000 patients was lost. Although the data was discovered to be missing in September, it was not until this past Monday that the hospital warned the affected patients that their personal information was missing. At this point in time it is not known if the data was stolen or merely accidentally misplaced. What is known is that, once again, the data was not encrypted so that anyone stealing or finding the information would be in a position to use it for identity theft. In the light of similar data breaches that have occurred for years, this neglect is inexcusable.
You have to be particularly vigilant with the information held by medical facilities and providers because along with your other personal data, they hold medical insurance information that if it falls into the wrong hands can make you a victim of medical identity theft, which, as I have described in earlier postings is a particular insidious form of identity theft that is difficult to fix and can even result in your receiving dangerously improper medical care as the medical identity thief’s medical information becomes mixed with yours. Whenever you use a medical provider ask them specifically if they encrypt their data and what they do to make sure their data is secure.