Boston Data Breach Might Affect 800,000

Back-up computer files with personal information on about 800,000 people who were patients, employees and volunteers at the Boston area’s South Shore Hospital were not destroyed in a data dump and may be lost by the data manager it hired, the Boston Globe has reported.

The hospital has advised Massachusetts and federal officials that records for people associated with the hospital between Jan. 1, 1996, and Jan. 6, 2010, were not completely destroyed when sent out for eradication in February. The records could have included names, addresses, phone numbers, dates of birth, Social Security numbers, driver’s license numbers, medical record numbers, diagnoses and other personal information.

The Boston Herald reported that South Shore, in Weymouth, Mass., has ceased the offsite destruction of back-up computer files and is putting in place policies to ensure that a similar situation cannot occur. The investigation into the matter is ongoing.

“I am deeply sorry that these files may have been lost,” said Richard H. Aubut, South Shore Hospital president and chief executive officer. “Safeguarding confidentiality is fundamental to our mission of healing, caring and comforting. I recognize that this situation is unacceptable and would like to personally apologize to all those who have trusted us with their sensitive information.”

Boston’s WCVB-5 TV reported that formal notification letters will be sent to potentially affected people in the next several weeks, after the hospital assesses the membership of the large list. The hospital is now advising those possibly affected to call 877-322-8228 toll free and place a fraud alert on their credit report with one of the three major credit reporting agencies.

Information is also available on the hospital’s Web site and through a toll-free information line, at 877-309-0176.