The latest data breach in the HSE has resulted in the medical records of up to 1,500 individuals being compromised.
It is understood that a private IT contractor who was supervised by a HSE staff member downloaded the records on to an unencrypted USB Key and brought the device home that night. He then later emailed the records to a mistyped email address.
An internal investigation within the HSE is said to be underway however the patients whose information has been compromised have not been informed.
October 19th, 2010 at 6:05 pm
Are there any standards to protect medical records similar to the PCI DSS requirements?
October 20th, 2010 at 8:37 am
There are no set standards Ahmad, only some vague guidelines from the Data Protection Commissioner and a so called obligation, which nobody seems to understand, to secure this kind of sensitive information.