One In Four Indiana Residents' E-Record Data Exposed in Hack

Reader chicksdaddy reports that a data breach involving four million patients and more than 230 different data holders (from private practices to large hospitals) hit Indiana especially hard. It's the home state of Medical Informatics Engineering, maker of electronic records system NoMoreClipBoard. While data exposed in the breach affected 3.9 million people, 1.5 millon of them are in Indiana. According to the Security Ledger, though: [The] breach affects healthcare organizations from across the country, with healthcare providers ranging from prominent hospitals to individual physicians' offices and clinics are among 195 customers of the NoMoreClipboard product that had patient information exposed in the breach. And, more than a month after the breach was discovered, some healthcare organizations whose patients were affected are still waiting for data from EMI on how many and which patients had information exposed.

'We have received no information from MIE regarding that,' said a spokeswoman for Fort Wayne Radiology Association (http://www.fwradiology.com/), one of hundreds of healthcare organizations whose information was compromised in the attack on MIE..

Not good enough!

Only one in four? Lame. They need to sweep up the other 75% of medical records from Indiana. Go big or go home!

Re:HIPAA is irrelevant... attacks are past stoppin

[dbIII]

Spot on. I'll bet in both cases there are plenty of stupid shortcuts that would induce facepalms or "I told you so" on a lot of the readers here.
Last year I had one idiot ask to put the phone system he was sometimes called out to work on onto the internet with telnet access - with no password! Another wanted direct RDP access to a machine over the internet. Neither of course seemed to have heard of a VPN or gave a shit about security - people who actually do what these idiots say are probably going to get burnt within days with the number of bots out there scanning for stuff.