Stanford medical records posted on public website, now removed
Below is part of the story published by MercuryNews.com, quoting Dr. Deborah Peel, founder of Patient Privacy Rights.
“The electronic medical records of 20,000 Stanford Hospital emergency room patients, including names and diagnostic codes, were posted on a commercial website, the hospital disclosed Thursday.
Personal information about patients seen between March 1 and Aug. 31, 2009, has been removed from the website and an investigation is under way, according to Stanford Hospital spokesman Gary Migdol.
But the startling breach — caused by a vendor’s subcontractor, who has assumed responsibility — raises questions about the privacy of medical information as it passes through many hands.
In one instance, it revealed a psychiatric diagnosis of a Santa Clara patient.
The released information also included medical record numbers, hospital account numbers, billing charges and emergency room admission and discharge dates. Credit card and Social Security numbers were not included…
…Americans expect doctors and hospitals to use their records only with consent, said Dr. Deborah C. Peel, founder of the watchdog group Patient Privacy Rights, “not to give them to legions of contractors and strangers. Existing regulations are just not strong enough to protect Americans’ sensitive health information. Today’s electronic health systems are not safe or trustworthy.”"