24,000 Psychiatric Patients’ Data Lost on Unencrypted USB Flash Drive

Our Lady of Peace, as psychiatric hospital in Louisville, KY, is notifying over 24,000 individuals after an unencrypted flash drive containing their personal information was lost in April 2010. New data breach notification rules under the HITECH act add teeth to previous rules under the HIPAA act. Now organization that suffer data breaches exposing data of 500 or more individuals must disclose these breaches within 60 days.

The unencrypted USB thumb drive memory stick contained data on patients admitted since 2002, and patients assessed since 2009.

This entry was posted on Monday, May 3rd, 2010 at 8:31 pm and is filed under Ironkey News. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.