Beth Israel warns of 2,000-patient data breach

July 20, 2011
by Brendon Nafziger, DOTmed News Associate Editor
Beth Israel Deaconess Medical Center said Tuesday it was warning more than 2,000 patients about a possible security breach, after a virus-infected computer began transmitting confidential patient information to an unknown location.

The Boston-based hospital said the computer, stored in a locked room, contained names, medical record numbers, gender, date of birth and what radiology procedures were performed. No Social Security numbers or financial data were stored on the computer, BIDMC said.

Hospital staff shut down the computer as soon as they realized it had the virus, BIDMC said. The computer was infected after an unnamed vendor failed to restore security controls following routine maintenance, according to the hospital.

"Updated security controls were also installed and activated to prevent viruses from being installed," Dr. John Halamaka, the hospital's chief information officer, said in a statement. "BIDMC has also worked closely with its vendor representative to ensure that an incident such as this does not re-occur."

The hospital has set up a hotline (877-615-3765) for affected patients, who will also receive free identity protection services for one year.