Once again into the (data) breach: 'September Song' edition

Oh, it’s a long, long while from May to December
But the days grow short when you reach September

‘September Song’, Weill/Anderson

Ed. Donna has lately been summertime-quiet on data breaches [TA 26 May, 25 Feb, 6 Jan] but the changing season brings more Tylenol (Panadol)-worthy news for HIT staffs. Data for 20,000 emergency room patients at Stanford University Hospital in Palo Alto, California, including names and diagnosis codes, was posted on a commercial website for nearly one year. Cause? A wandering spreadsheet from a vendor. The larger picture is not pretty. According to the New York Times, HHS was notified of 306 cases from September 2009 to June 2011 that affected at least 500 people apiece, along with 30,000 smaller breaches September 2009 – December 2010 which affected more than 72,000 people. At minimum, that is 225,000 people affected. Modern Healthcare (subscription required) via Kaiser Health News.

And before UK readers feel smug: NHS criticised for further data breaches.