Wednesday, June 15, 2011
A laptop computer holding the medical records of 8.6 MILLION patients has gone missing in the UK
by Larry Geller
I’m a fan of electronic medical records, but not this way, and not the way the US government is contemplating. Eight million patients’ records should not have been on that computer in the first place.
Data wants to be free. Someone, somewhere, will keep it on their laptop in unencrypted form, and one day that computer will be stolen, misused, or sold with the data still in it.
The trick is not to put together these databases in the first place. Good luck with that, of course, since Big Brother demands Big Databases.
The unencrypted laptop contains sensitive details of 8.63 million people plus records of 18 million hospital visits, operations and procedures.
The data does not include names but patients could be identified from postcodes and details such as gender, age and ethnic origin.
The records include details of cancer, HIV, mental illness and abortions.
[The Sun (UK), Missing: Laptop with 8.6million medical records, 6/15/2011]
In Hawaii, computer records got loose with personal information because the University of Hawaii gave identifying data to a professor that was not necessary for his project. The UH also kept social security numbers in its parking data. Of course, none of that was protected by encryption. In the UK, laptops with data just somehow escaped. It will happen.
How can medical records be kept while minimizing such risks? My records are kept in encrypted form by my primary care physician, a pioneer in electronic medical records in Hawaii. He can, of course, send data as required to another physician. Other physicians send reports and test data to him. If his computer were to be stolen, none of my data is at risk.
I know this because I checked.
That’s how personal data is protected. You keep a cork in the bottle to the extent you can control it. Alas, it is increasingly difficult to keep that cork in as government and business gather data from and about us.