Salt Lake City Assisted Living Center Posts 82 Patients' Information OnlineFOR IMMEDIATE RELEASE: February 6, 2008
Media Contact: Aaron Titus
SALT LAKE CITY, Utah. In January, 2008 Inspiration Hospice posted confidential information for 82 of its patients, and contact information for 185 caretakers on its website, inspirationhospice.com. The information was inadvertently put online in an Excel file which contained names, partial social security numbers, dates of birth, insurance numbers, medical diagnoses, addresses, phone numbers, prescriptions, and allergies, among other confidential information. The file also documented intensely personal wishes about when a patient wished to be resuscitated, family funeral plans, and even body donation. The personal nature of this exposure is particularly shocking.
When the Liberty Coalition discovered the file on January 17, 2008, it required a username and password to access, but a public copy persisted in Google's Cache for several days. Eventually the information was deleted from inspirationhospice.com and Google's cache. However, it is impossible to determine how many people accessed the file or search engine caches, or whether copies exist on other parts of the internet or on hard drives. By placing this information online, Inspiration Hospice has placed its patients at severe risk of identity theft, medical identity theft, fraud, or embarrassment.
Individuals affected by this exposure should immediately visit www.nationalidwatch.org and search for their names, to confirm what types of personal information were exposed. NationalIDWatch.org has a list of recommended steps victims should take.
National ID Watch is a search engine for personal information breaches. Sponsored by the Washington, DC non-profit Liberty Coalition, NationalIDWatch.org provides more than a million free personalized Identity Exposure Reports™ as a public service.
Each Identity Exposure Report (IXR) documents what types of personal information were exposed (such as Social Security Numbers, Birth Dates, Addresses, etc.), without revealing them. Each IXR also details the situation surrounding each exposure, and contact information of those responsible for the breach. Armed with this information, victims can further investigate, take action, or correct harm.