The University of Louisville in Kentucky on June 2 posted a public notice of a data breach in which protected health and financial information from its kidney disease program was posted on a publicly accessible website for 19 months.
According to local media reports, a physician who set up the site believed it was protected. Because of a programming error, the physician and an assistant entered data in October 2008 without knowing it was going on a public page. The site was not accessible without typing in the specific address, which would not be available through a search engine, a spokesperson told television station WLKY. What follows is the university's notice:
Register or login for access to this item and much more
All Information Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access