Personal data from 'thousands' of NY hospital patients on Internet
by Brendon Nafziger
, DOTmed News Associate Editor | September 27, 2010
New York-Presbyterian Hospital/Columbia University Medical Center said Monday afternoon that personal information, including at least 10 Social Security numbers, were "inadvertently" made publicly accessible on the Internet.
Hospital officials said in a statement that information from 6,800 patients was accidentally posted on a server, according to reports from Fox News and The New York Times. The hospital has since removed the information, the media reports said.
Information briefly visible included names, ages, blood pressure and heart rates, although not full medical records, a New York-Presbyterian spokeswoman said, according to Fox.
Exposed data had all come from patients who had been in the intensive care unit at the hospital over the last few years, the Times said.
The mistake happened in early July, and was discovered when a patient’s relative spotted the information on the Internet, the Times said. The hospital said it delayed announcing the goof until Monday because of an investigation.
The hospital added that the privacy breach appears to be a mistake, without criminal motive, and that there’s no evidence any of the information has been "improperly used."
"We are in the process of informing all affected patients and have set up a hot line for patients to call if they have questions," the hospital said.
Affected patients can call 866-523-6760 or visit www.NYPSecure.com.