Connecticut Investigates Breach

2 Agencies Ask Questions About Hospital's Hard Drive Loss
Connecticut Investigates Breach
Two Connecticut state agencies are investigating a health information breach incident at MidState Medical Centerin Meriden that may have compromised information on 93,500 patients.

The incident involved patient data that was downloaded to an external hard drive in violation of the organization's policies, and the drive was subsequently lost, according to the hospital. (See: Inappropriate Download Leads to Breach)

Attorney General George Jepsen and Consumer Protection Commissioner William Rubenstein are seeking more information about the security policies of the medical center, how the breach occurred and what is being done to prevent future breach incidents.

A spokesman for MidState Medical Center in Meriden, Conn., which is part of the Hartford HealthCare system, said earlier this week that an employee of Hartford Hospital, another unit of the system that provides services to MidState, inappropriately downloaded patient information to an external hard drive to use when working at home The drive was discovered to be missing on Feb. 15, and the employee was fired for violating policies.

The drive included MidState patients' names, addresses, dates of birth, marital status, some Social Security numbers and medical record numbers. "We have no reason to believe that any personal information has been misused as a result of this incident," the medical center said in a statement about the health information breach on its website.

"MidState Medical Center and other affiliates of Hartford HealthCare are in the process of reviewing their policies and are taking steps to help ensure that this type of incident does not happen in the future," the statement said. The spokesman said those preventive measures will include educating staff members about privacy and security policies.

The medical center is offering patients who may have been affected two years of free credit monitoring.


About the Author

Howard Anderson

Howard Anderson

News Editor, ISMG

Howard J. Anderson is news editor of Information Security Media Group and was founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 34 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.




Around the Network