A patient at the New Hampshire Hospital used a computer in the hospital’s library to access personal information belonging to 15,000 people, some of which they then posted on social media.
The information included names, addresses, Social Security numbers and Medicaid identification numbers, the New Hampshire Department of Health and Human Services (DHHS) recently announced in a press release posted online Dec. 27, 2016.
When it first happened, a staff member observed the patient and reported it to a supervisor who then restricted access to library computers but the incident wasn’t reported to either hospital management, or to DHHS.
Nearly a year later, a hospital security official notified DHHS that the same person had posted confidential, personal information to a social media site. From there, “state officials and law enforcement were immediately informed, and the personal information was removed,” according to the press release. “As a result of the investigation to date, DHHS has determined that the breached files contain protected health information and personal information for as many as 15,000 DHHS clients who received services from DHHS prior to November 2015.”
The New Hampshire Union Leader covered the story and interviewed DHHS Commissioner Jeffrey Meyers who made it clear they didn’t believe anyone hacked into the computer network, but instead the information was “readily accessible on computers used by patients at the state’s psychiatric hospital,” according to the story. Only a handful of the compromised files found their way to site like Facebook, and it has since been removed, Meyers told the Union Leader.
“Meyers described the computer used in the data breach as a ‘legacy computer’ that had been set up years ago specifically for patient use at New Hampshire Hospital in Concord, long before the first signs of the data breach surfaced in October 2015,” according to the story.
“It’s deeply troubling to me that a computer was configured in a manner that allowed a patient to access non-public information in this manner,” Meyers told the Union Leader.
Are you covered for identity theft?
Image: Pixabay