Monday, December 13, 2004
As reported in last Friday's edition of the Sacramento Bee, "[n]early 200 patients at UC Davis Medical Center had private medical information made public last weekend after answers to an online customer satisfaction survey were accidentally shared with other respondents." The article continues:
Patients who use the Internet to schedule appointments, refill prescriptions and contact physicians were asked in the survey to provide zip code, e-mail address, age and gender. Among other things, the survey asked how many prescriptions patients fill and whether they had a chronic medical condition.
By mistake, the survey also had a link that patients could click to see complete survey responses from others who'd filled out the questionnaire.
The computer glitch was quickly caught and fixed. But medical privacy experts at UC Davis and elsewhere said Thursday that the inadvertent disclosure of medical information violated the spirit, if not the letter, of state and federal patient privacy laws.