• E-mail
• Print
• RSS

New York Times editorial urges mandatory encryption in aftermath of NIH theft

EHR Connection, April 21, 2008

The New York Times wasted no time after the theft of a National Institutes of Health (NIH) computer containing information regarding approximately 3,000 heart patients became public knowledge. It immediately endorsed legislation requiring encryption and notification deadlines in its March 26 editions.

The laptop computer was stolen from a researcher’s car in late February, but NIH did not notify patients until approximately a month later, the paper noted in its editorial.

“The release of this information is serious . . . Patients are likely to be reluctant to participate in clinical trials if their privacy is not respected,” according to the editorial.

An agency official expressed deep regret for the breach and blamed the delay in notifying patients on an independent review board that determined the schedule. The official said the agency is double-checking data to ensure it is encrypted and is conducting a review to determine if the researcher should be disciplined, according to the editorial.

The editorial called these good steps, but said that more was needed. “There should be a federal law imposing strict privacy safeguards on all government and private entities handling medical data,” the editorial said. “As the NIH has shown, medical privacy is too important to be left up to the medical profession.”

Click here to read the editorial.

• E-mail to a Colleague
• Print
• RSS
• Archive