topic How *not* to do patient privacy in Industry News https://community.isc2.org/t5/Industry-News/How-not-to-do-patient-privacy/m-p/28059#M3462 <P>Sensitive medical information of patients being admitted to certain hospitals across the Greater Vancouver Area is being <A href="https://openprivacy.ca/blog/2019/09/09/open-privacy-discovers-vancouver-patient-medical-data-breach/" target="_blank" rel="noopener">broadcast, unencrypted, by hospital paging systems</A>, and these broadcasts are trivially easy to intercept by anyone in the region.</P> Sat, 14 Sep 2019 17:30:29 GMT rslade 2019-09-14T17:30:29Z How *not* to do patient privacy https://community.isc2.org/t5/Industry-News/How-not-to-do-patient-privacy/m-p/28059#M3462 <P>Sensitive medical information of patients being admitted to certain hospitals across the Greater Vancouver Area is being <A href="https://openprivacy.ca/blog/2019/09/09/open-privacy-discovers-vancouver-patient-medical-data-breach/" target="_blank" rel="noopener">broadcast, unencrypted, by hospital paging systems</A>, and these broadcasts are trivially easy to intercept by anyone in the region.</P> Sat, 14 Sep 2019 17:30:29 GMT https://community.isc2.org/t5/Industry-News/How-not-to-do-patient-privacy/m-p/28059#M3462 rslade 2019-09-14T17:30:29Z Re: How *not* to do patient privacy https://community.isc2.org/t5/Industry-News/How-not-to-do-patient-privacy/m-p/28065#M3467 <BLOCKQUOTE><HR /><a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/1324864413">@rslade</a>&nbsp;wrote:<BR /><P>Sensitive medical information of patients being admitted to certain hospitals across the Greater Vancouver Area is being <A href="https://openprivacy.ca/blog/2019/09/09/open-privacy-discovers-vancouver-patient-medical-data-breach/" target="_blank" rel="noopener">broadcast, unencrypted, by hospital paging systems</A>, and these broadcasts are trivially easy to intercept by anyone in the region.</P><HR /></BLOCKQUOTE><P>Under US law, that would be a gross violation of <STRONG><A href="https://www.hhs.gov/hipaa/index.html" target="_blank" rel="noopener">HIPAA</A></STRONG>. Does Canada have a similar patient privacy law? HIPAA fines can be grotesquely high.</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Sat, 14 Sep 2019 21:45:33 GMT https://community.isc2.org/t5/Industry-News/How-not-to-do-patient-privacy/m-p/28065#M3467 CraginS 2019-09-14T21:45:33Z