I’ve seen sloppy. And I know reckless when I see it. And this health data blunder is about the worst case of both I’ve ever seen with deeply personal medical data for millions.

A report reveals the private medical images and personal health data belonging to millions of Americans are unprotected online and able to be seen by anyone with basic computer expertise.

CT scans, X-rays and MRIs are out there in the wide-open parts of the web, according to a report from ProPublica. Records covered 5 million+ patients in the U.S. alone and millions more worldwide. Research found 187 servers in the U.S. that were unprotected by basic security measures.

That’s right, no password and no active encryption. Although there is no evidence yet that medical records were stolen or manipulated, it is in violation of HIPAA laws designed to prevent this very careless failure.

What personal medical data was unprotected

  • X-Rays
  • MRIs
  • CT Scans
  • Patient Names
  • Doctor Names
  • Medical notes including detailed diagnoses

How to know if you were affected

This affects medical data from doctors’ offices, medical imaging centers and mobile X-ray services.

In one instance, a server operated by MobilexUSA allowed 1 million patients’ names, dates of birth, doctors’ names and procedures to be displayed. MobilexUSA increased its security in response to the report.

Tip:  Ask your doctor’s office if they have experienced any data breaches.

If you have sensitive medical data, especially images, ask your healthcare providers if their medical data is stored securely. It is their obligation to protect your health information and keep everything confidential. Healthcare providers are mandated to secure your medical records.
