Quantcast
Channel: Healthcare IT News - Electronic Health Records (EHR, EMR)
Viewing all articles
Browse latest Browse all 1989

Stolen laptop could mean compromised health records for NFL

$
0
0
The league incident, which involved an unencrypted computer, is the second in two years to require reporting to HHS.

The protected health information of thousands of football players may have been compromised after a backpack that held a laptop containing the digital medical records of NFL team members was stolen from the car of a Washington Redskins trainer.

The website Deadspin obtained an email from the NFL Players Association, sent to every team's player representative on May 27, informing them of the theft. The email indicates the laptop was password-protected, but unencrypted.

The laptop contained exam results for NFL combine attendees since 2004 and some Washington Redskins player records. The NFL combine is the league's annual scouting event.

The backpack was stolen April 15 in Indianapolis. Besides the laptop, it also reportedly contained a zip drive and paper records of medical exam results for NFL combine attendees and current Redskins players.

The incident is the second alleged breach the NFL has had to deal with in as many years. Back in July 2015, two employees of Jackson Memorial Hospital leaked the medical records of New York Giants defensive end Jason Pierre-Paul after a fireworks accident sent the football star to the hospital.

[Also: Two hospital employees fired for leaking Jason Pierre-Paul's record after fireworks mishap]

The email from the NFLPA noted the association has consulted with HHS about the incident.

Here is the full statement from the NFL regarding the stolen laptop:

Once we became aware of the theft, we promptly worked with the club and the NFLPA to identify the scope of the issue.

The club is taking all appropriate steps to notify any person whose information is potentially at risk. As the NFLPA memo confirms, the theft of data involves information maintained by one club and no information maintained by any club on the NFL Electronic Medical Records system was compromised and the theft is entirely unrelated to that system.

All clubs have been directed to re-confirm that they have reviewed their internal data protection and privacy policies and that medical information is stored and transmitted on password-protected and encrypted devices; and that every person with access to medical information has reviewed and received training on the policies regarding the privacy and security of that information.

We are aware of no evidence that the thief obtained access to any information on the computer that was stolen nor aware that any information was made public.


Viewing all articles
Browse latest Browse all 1989

Trending Articles