Archived Story

An invasion of privacy

Published 7:21pm Saturday, January 5, 2013

Bad things happen, no matter how much we might try to prepare for them. Storms come along and overwhelm even the best-prepared cities, cars slide across icy roads, electrical fires destroy homes and businesses without warning. There’s no way to protect against every eventuality in life. The world is, unfortunately, inherently dangerous.

So there’s a bit of a temptation to give a Sentara Healthcare contractor a pass for the theft of a laptop in California that contained personal and private information about 56,000 of Sentara’s patients. The laptop was stolen from a locked car parked at the home of an engineer who works for a company, Omnicell, that manages Sentara’s automatic pharmacy dispensing devices.

Omnicell officials have said they’ve put safeguards in place to make sure such an event doesn’t happen again, and Sentara officials assure potentially affected patients that Social Security numbers, insurance policy numbers and personal financial information were not among the data included in the database stolen with the computer on Nov. 14.

Still, it’s troubling to hear the types of information known to have been included in the database that existed on the laptop.

Names, birthdates and medications for 56,000 patients from seven Sentara hospitals and three outpatient centers are known to have been in the database. Sentara says the stolen laptop may also have contained details on gender, allergies, admission and discharge dates, physician name and patient type. And other information could have included site and area of the given hospital — for instance, specific inpatient or outpatient unit or area — along with patients’ room numbers and medication dosage and instructions.

Both companies stress that they have taken the required steps to notify the patients, and the tone of their comments to the press suggested that people should not worry too much about what was lost.

But it’s not hard to imagine that affected patients might feel violated by the simple fact that a stranger now knows such intimate details about them, the kind of details they might not even have shared with their family or friends, the kind that could now be shared with the world via the Internet.

Accidents happen, and there’s no way to guarantee that people will not do evil things like stealing laptops from locked vehicles. It would not be fair to hold Sentara directly responsible for the loss of data by its contractor. But healthcare providers owe their patients the very strictest possible controls on the personal information they keep, and it should never be at risk of exposure through such a simple burglary.

PrintFriendly
  • dollyb12

    Also, it is no comfort at all for any company to offer an identity theft victim a year’s worth of free credit monitoring AFTER the damage has already been done…I can monitor my own credit for free as I have always done, thank you very much.

    Suggest Removal

  • dollyb12

    I don’t believe anything they say anymore. Data theft shouldn’t even be happening with all the security measures available. My husband and I have been targets of military data thieves at least twice that we know of, and when I call to talk with the firm responsible they ALWAYS minimize the impact that it might have on the victims. I have witnessed so much negligence in protecting data that I dislike giving out personal information to anybody, especially the government. I have also witnessed firsthand in the medical field gross negligence when handling a patient’s personal data. Where are the HIPAA police? If no one can protect our data, I say stop using computers altogether.

    Suggest Removal

  • thekytikat

    This kind of thing happens to our nation’s military members more than you want to know.

    Suggest Removal

Editor's Picks