BCBS loses laptop

http://blogs.usatoday.com/technologylive/2009/10/missing-laptop-contains-data-on-800000-doctors.html

1) BCBS is willing to overlook basic security measures for its data

2) BCBS is willing waste money on laptops, which violate basic security

3) For conspiracy theorists: BCBS "leaked" this info because doctors no longer back up BCBS' stance against single-payer, public option, etc.

I dropped out of BCBS about 14 years ago. I will be interested in finding out if they "lost" my personal info too.

But don't worry, I'm sure this would never happen to patients' info. Especially since EMR is supposed to increase. Ignorance Is Strength.

somebody would get wise? Maybe keep their data on a thumb drive or something?

I am SO looking forward to the day when all of our medical records are computerized for the world to steal.

"1) BCBS is willing to overlook basic security measures for its data"

No. An employee broke security protocol.

"2) BCBS is willing waste money on laptops, which violate basic security"

What? Laptops do not violate basic security.

"3) For conspiracy theorists: BCBS "leaked" this info because doctors no longer back up BCBS' stance against single-payer, public option, etc."

ummmm yeah. BCBS had an employee fake not only his car being broken into but also broke into a bunch of other cars just to release this data. Sheesh, the way people see CT's everywhere amazes me.

According to the original article:

"The data set was stored on a laptop that was stolen from a car, which was one of several cars in the immediate vicinity that were vandalized,"

This tells me that the data was not formatted (it is in a data set). So, anyone looking at it would not know the layout of the data. Some things would be easy to pick out, name, address, things that are spelled out but... Things like SSN can be much harder depending on what else is on each record. Also, since the data set was downloaded from the mainframe, it is very likely it is not even in character format so the thief would also need to know how to look at comp or comp-3 data.

wasn't an application on that laptop that could read the data. So...the data would be visible.

It is a possibility but does not need to be true. It is probably read by a web application that resides on their servers.

Lots of doctors and other health care providers info got stolen. My name, ss#, NPI#, address are now somewhere they shouldn't be.

It was a funny letter, ending telling what protocols and encryptions are in place to prevent this from happening. Sucks.