Establishing Digital Trust: Don't Sacrifice Security for Convenience
The Washington Post reports that 2,000 Fairfax County Public School students' health records may have been exposed when a laptop and a briefcase were stolen from a health department employee's car on July 15, 2013 (h/t PHIprivacy.net).
Elementary school, middle school and high school students' names, school system identification numbers and medical conditions were contained in files on the laptop and papers in the briefcase.
According to health department policy, files containing personally identifiable information should be stored on encrypted portable drives. The employee is expected to face disciplinary action.
All affected students and their parents were sent letters and e-mails on Monday informing them of the breach.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
PHIprivacy.net notes that school health records are not protected by the Health Insurance Portability and Accountability Act (HIPAA) -- they're treated as education records under the Family Educational Rights and Privacy Act (FERPA).