Stanford Hospital Suffers 20,000 Patient Data Leak
Original post made by Bob, Menlo Park, on Sep 8, 2011
Suffers Comically Stupid Patient Data Leak
How the hell did 20,000 sensitive patient records from Stanford University's hospital end up posted to a college tutoring website for almost a year? It looks like some lazy billing company employee uploaded it themselves.
20,000 ER patient records from Stanford University's hospital contained "names, diagnosis codes, account numbers, admission and discharge dates, and billing charges for patients," in a spreadsheet which was created for a billing contractor, according to the New York Times.
These documents were posted to the crowdsourced homework helper website Student of Fortune on Sept. 9, 2010. Student of Fortune lets lazy college students offer bounties for people to help them with their schoolwork. In this case, the records were posted "as an attachment to a question about how to convert the data into a bar graph."
So, what seems to have happened is: this spreadsheet with patient names and diagnoses was given to some peon at the billing contractor who was tasked with turning it into a bar graph. They had no idea how to do it, and were too lazy to google it, so they uploaded it to the homework helper website and offered, probably, a buck or two if someone could do it for them.
Laziness. Laziness always wins.