Beranda MMR Forum Komunikasi Mahasiswa MMR UMY
Picture of riska yulinta viandini
Tugas E-Hospital
by riska yulinta viandini - Tuesday, 14 February 2012, 03:57 PM
 
Case 1

Detroit hospital suffers second data breach within a year

02 March 2011

An employee at the Henry Ford Health System lost a flash drive containing information on 2,777 patients, the second data breach at the Detroit hospital in less than a year.

The 2,777 patients were tested for urinary tract infections between July and October 2010; the lost information included names, medical record numbers, and test results, but not social security numbers or medical histories, according to a report by the Detroit Free Press.

Meredith Phillips, Henry Ford's chief privacy officer, said there was no evidence the flash-drive data were misused.

This is the second patient data breach at the hospital in a year, the paper said. In September, a Henry Ford employee's laptop was stolen from an unlocked office. The computer contained unsecured information related to prostate services that patients received between 1997 and 2008.

The hospital told the US Department of Health and Human Services that the breach involved 3,700 patients.

Hospital employees face suspension or termination if they're involved in "situations in which personal health information is left unsecured on electronic devices such as computers, smart phones or flash drives," Henry Ford said.

Since October 2009, there have been nine patient data breaches at Michigan hosptials involving records of more than 115,000 patients, according to the paper.

Translate :

Seorang karyawan di Sistem Kesehatan Henry Ford kehilangan flash drive yang berisi informasi pada 2.777 pasien, pelanggaran data kedua di rumah sakit Detroit dalam waktu kurang dari setahun.

Para 2.777 pasien diuji untuk infeksi saluran kemih antara Juli dan Oktober 2010; informasi yang hilang termasuk nama, nomor rekam medis, dan hasil tes, tetapi tidak nomor jaminan sosial atau sejarah medis, menurut sebuah laporan Press Panduan Detroit.

Meredith Phillips, petugas privasi kepala Henry Ford, mengatakan tidak ada bukti flash-drive data disalahgunakan.

Ini adalah pelanggaran data pasien kedua di rumah sakit dalam satu tahun, kata suratkabar tersebut. Pada bulan September, laptop Henry Ford karyawan dicuri dari kantor terkunci. Komputer berisi informasi tanpa jaminan yang terkait dengan layanan prostat yang pasien menerima antara tahun 1997 dan 2008.

Rumah sakit mengatakan kepada Departemen Layanan Kesehatan dan Manusia bahwa pelanggaran melibatkan 3.700 pasien.

Karyawan rumah sakit menghadapi suspensi atau penghentian jika mereka terlibat dalam "situasi di mana informasi kesehatan pribadi dibiarkan tanpa jaminan pada perangkat elektronik seperti komputer, ponsel pintar atau flash drive," kata Henry Ford.

Sejak Oktober 2009, telah ada data pasien sembilan pelanggaran di hosptials Michigan melibatkan catatan lebih dari 115.000 pasien, menurut kertas.


Case 2

Mass General takes $1 million hit for losing 193 patient records

25 February 2011

Following closely on the heels of its first Health Insurance Portability and Accountability Act (HIPAA) privacy rule fine, the Department of Health and Human Services (HHS) has doled out a $1 million fine against Massachusetts General Hospital for a data breach involving 192 patients begin treated for infectious diseases.

HHS levied the fine on Mass General for a data breach involving the loss of documents containing names and medical record numbers of 192 patients at the hospital’s Infectious Disease Associates practice, as well as billing forms that included names, dates of birth, medical record numbers, health insurers and policy numbers, diagnosis, and names of provider for 66 of those patients. The practice treats patients with HIV/AIDS, as well as other infectious diseases.

According to HHS, the documents, which were not recovered, were left by a Mass General employee on the subway on March 9, 2009.

The HIPAA privacy rule requires health care providers to protect the privacy of patient information through administrative, physical and technical safeguards, HHS said.

In addition, Mass General agreed to take actions to prevent future data breaches, including implementing a set of policies and procedures regarding information that is removed from the hospital’s premises, training personnel on these policies and procedures, and designating the hospital’s director of internal audit services to serve as an internal monitor to assess the hospital’s HIPAA compliance and produce semi-annual compliance reports to HHS for three years.

Translate :

HHS dikenakan denda pada Umum Misa untuk pelanggaran data yang melibatkan hilangnya dokumen yang berisi nama dan nomor rekam medis dari 192 pasien di Penyakit Infeksi praktek rumah sakit Associates, serta bentuk-bentuk tagihan yang mencakup nama, tanggal lahir, nomor rekam medis, asuransi kesehatan dan nomor kebijakan, diagnosis, dan nama-nama penyedia untuk 66 orang pasien. Praktek memperlakukan pasien dengan HIV / AIDS, serta penyakit menular lainnya.

Menurut HHS, dokumen-dokumen, yang belum pulih, ditinggalkan oleh seorang karyawan Umum Misa di kereta bawah tanah pada tanggal 9 Maret 2009.

Aturan privasi HIPAA memerlukan penyedia layanan kesehatan untuk melindungi privasi informasi pasien melalui pengamanan administrasi, fisik dan teknis, HHS kata.

Selain itu, Misa Umum setuju untuk mengambil tindakan untuk mencegah pelanggaran di masa depan data, termasuk melaksanakan serangkaian kebijakan dan prosedur mengenai informasi yang akan dihapus dari tempat rumah sakit, personil pelatihan tentang kebijakan dan prosedur, dan menunjuk direktur rumah sakit jasa internal audit untuk melayani sebagai monitor internal untuk menilai rumah sakit kepatuhan HIPAA dan menghasilkan setengah tahunan laporan kepatuhan untuk HHS selama tiga tahun.