[ISN] Group formed to enhance patient data security

From: InfoSec News (alerts@private)
Date: Tue May 06 2008 - 01:37:55 PDT


May 5, 2008

The Hospital Authority has appointed a task force to enhance security 
following cases of lost electronic devices containing patient data.

Former Privacy Commissioner for Personal Data Stephen Lau will chair the 
group. Other members are the authority's board member Charles Mok, 
Computer Society President Sunny Lee and the authority's Clinical Data 
Policy Group Chairman Dr Chong Lap-chuen.

The task force will submit a report to the authority's Chief Executive 
Shane Solomon in three months.

There were nine reported cases on data loss via electronic devices in 
the past 12 months, involving 5,988 patients. A total of 3,117 of the 
losses did not involve personal particulars, while 961 of the remaining 
data items were not password protected.

Of them, eight cases were reported to Police and seven were 
theft-related. The data loss cases happened at Pamela Youde Nethersole 
Eastern Hospital (four cases), Kowloon Hospital (two cases), Queen Mary 
Hospital (one case), Tuen Mun Hospital (one case) and United Christian 
Hospital (one case).

The lost electronic devices included four USB memory sticks, one palm 
handheld device, one MP3 player, one Central Processing Unit, one laptop 
computer and one digital camera.

The data lost was mainly collected manually. Patients involved in four 
reported cases have been contacted. Hospitals will continue to contact 
concerned patients if needed.

Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com

This archive was generated by hypermail 2.1.3 : Tue May 06 2008 - 01:59:18 PDT