HK hospital worker mum on patient data loss till 3 days later

A Queen Elizabeth Hospital staffer lost a USB flash drive holding personal data of 92 patients, information of drug prescriptions, and dispensing related documents on Feb 18, but only reported the case to the hospital three days later.

The missing USB flash drive--without encryption and password protection--belongs to a pharmacy department worker, according to the hospital. In the hope of locating the device somewhere inside the department, the worker started searching but effort was in vain.

On Feb 21, the worker reported the loss to the department manager who then notified the hospital management of it. The hospital, once aware of the incident, summoned 100 workers within the department to help in the search and reported the case to the Hospital Authority, the spokesperson noted.

The HA has guidelines on the use of removable electronic storage devices and employees must get approval before using them for work. But the spokesperson doesn't provide details on when a staffer's required to report the loss of a device containing patient data once he/she's aware of it.

"We believe that the USB flash drive is misplaced in the restricted area of the department [of Pharmacy]," the spokesperson noted. "We consider the risk of exposing patient data to the public to be low."

The hospital also reported the case to the Police and the Office of the Privacy Commissioner for Personal Data, in addition to contacting all concerned patients.

The hospital will conduct an in-depth investigation as well as follow-up according to HA's human resources policy, the spokesperson said.

Tags Queen Elizabeth Hospitalsecurityhealth caredata protectionindustry verticalsprivacy


Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Endpoint Management Solutions

Endpoint Security Management

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.