Patients' medical records made public in Atlanta hospital snafu

Human error—not hackers—is apparently to blame in a security breach that affected 45 Grady Memorial Hospital patients, The Atlanta Journal-Constitution reported September 23.

 

Hospital officials mistakenly thought the records were on a secure Web site, but they were accessible to the public for several weeks in July, according to the article. A hospital spokesman said the information is no longer publicly accessible.

 

Internet security experts say an increasing amount of information is inadvertently slipping onto unsecured sites, the newspaper reported. “Very few keystrokes can make a system that is secure become unsecure,” Tom Dager, director of information technology at SecureWorks, an Atlanta information security firm, told the newspaper. He said that data breaches due to human error are becoming more common than breaches caused by hackers.

 

The situation at Grady Memorial Hospital highlights the risk of outsourcing work, Dager told the newspaper. The hospital had outsourced transcription to a Marietta, GA, corporation, which in turn outsourced the work to a Nevada company, which outsourced it to a firm in India, which let the information slip onto the Internet

 

Click here to read The Atlanta Journal-Constitution article.