Brigham and Women's Hospital is notifying 999 neurology and neurosurgery patients that their medical information may have been on a laptop and cell phone stolen from a doctor in an armed robbery on Sept. 24.
Although the devices were encrypted, the assailants forced the victim to disclose the pass codes during the robbery. The data contained on the devices included information of 999 patients who received treatment at BWH’s Neurology and Neurosurgery programs between October 2011 and September 2014, as well as a small number of individuals participating in research studies. The data on the devices includes patient names or partial names, and may also include one or more of the following: medical record number, age, medications, and information about diagnosis and treatment.
The hospital declined to say where the holdup occurred, except that it was not at the hospital.
BPD records show two gunpoint holdups that day: One at Jersey Street and Park Drive in the Fenway and the other one part of a series of armed holdups around Jamaica Pond, on Perkins Street.
Like the job UHub is doing? Consider a contribution. Thanks!
Ad:
Comments
Profit margin, sensitive info
By ECG
Tue, 11/18/2014 - 4:09pm
>could have chucked the HD, purchased a new cheap one (<$100), sell the laptop for $200 and still make a profit
-They're criminals, not entrepreneurs. Why would they take $100 when they can take $200 with a little extra thuggery?
>Interesting that of all the people in the city carrying laptops in laptop cases in pubilc that a doctor whose laptop contains confidential patient information should be the victim.
-I'm guessing that there are plenty of laptops in this city that contain more sensitive or valuable information than what was on that one. (No disrespect to patient files.)
Why would a crook reduce his
By JR
Tue, 11/18/2014 - 4:52pm
Why would a crook reduce his profit by $100 when he could just demand the password from the guy?
Hard Drive
By anon
Wed, 11/19/2014 - 2:02am
I worked for a lab that rented out equipment from Partners. In order to use a computer on their network- even if it doesn't have patient data on it, even if it had nothing to do with them- it has to be encripted with this incredibly invasive encription client in order to get on their network. It's in the BIOS, on the motherboard, so you simply can't swap out the hard drive, and if you forget to update your password periodically, it bricks your computer. It was so invasive that the lab purchased two communal-use laptops exclusively for taking to Partners and prohibited people from using their own.
One researcher left a personal-but-employer-issued laptop in a drawer when she moved onto another job, the password expired, the computer was bricked, and Partners IT refused to fix it unless we met some impossibly stringent forms of proof that we were the rightful owners of said laptop. Our funding admins got involved because with the computer bricked, the data on it was locked in, which was a violation of the terms of the funding from the issuing agency that could have resulted in penalties or sanctions. It was a nightmare.
So yeah, I doubt this guy was being willy-nilly with his patient data.
fundamental flaw
By from brighton
Tue, 11/18/2014 - 3:02pm
Why is sensitive patient data even stored locally on the HD?
Sensitive data should never be stored or cached locally!
Is the Internet rationed at Brigham and Women's that the doctor needs the data locally?
See comment
By SwirlyGrrl
Tue, 11/18/2014 - 3:43pm
Above
I still don't understand why
By Hyde_Parker
Tue, 11/18/2014 - 4:05pm
I still don't understand why the data are stored on that particular computer. See my above comment about my husband's remote-working situation. Why wouldn't such a setup work for a large hospital system?
because
By cybah
Tue, 11/18/2014 - 4:16pm
Sometime it is not possible. And sometimes it is far faster to work on a local copy of the same data. Some times internet is not avaliable. Sometimes VPN Connections not avaliable. Lots of reasons why it wasn't done remotely.
And frankly, sometimes internet is just not avaliable. As far as it may be for you to believe, there are still some places where internet is just not avaliable.
JP tree robbery/laptop.........
By PeyoteEatingWat...
Tue, 11/18/2014 - 4:34pm
Something about this story just doesn't add up at all, IMHO.
Which one sounds more
By JustinM
Tue, 11/18/2014 - 8:14pm
Which one sounds more pausible:
An evil research scientist hires a hit man to rob a rival doctor, knowing that that doctor has a specific set of patients and data about those patients would gain him an edge
************************* OR***************************
Criminal who steal phones and laptops sees a guy with a laptop case and robs him. Criminal knows most of these devices have passwords. If criminal is a computer genius he might be able to hack the laptop with some work, provided it isn't too strongly encrypted. Of course if he were a computer genius he probably wouldn't need to rob people. But he does have a gun, which is handy in getting people to tell you the password.
Update: Yes, doctor was tied to a tree
By adamg
Thu, 11/20/2014 - 7:06pm
Jamaica Plain News confirms.
Pages
Add comment