@Article{信息:doi 10.2196 / / jmir.9.3。e24,作者="El Emam, Khaled and Neri, Emilio and Jonker, Elizabeth",标题="二手个人电脑磁盘驱动器中个人健康信息残留的评估",期刊="J Med Internet Res",年="2007",月="Sep",日="30",卷="9",数="3",页数="e24",关键词="隐私;保密制度;安全;背景:公众关注他们健康信息的隐私,特别是随着越来越多的信息通过电子方式收集、存储和交换。但我们不知道数据保管人泄露个人健康信息(PHI)的程度。数据泄露的一种形式是通过医疗机构或在这些机构工作的个人出售、捐赠、丢失或被盗的计算机设备。先前的研究表明,从二手磁盘驱动器中获得敏感的个人信息(PI)是可能的。然而,目前还没有研究以这种方式研究PHI的泄漏。目的:本研究的目的是确定从二手计算机磁盘驱动器中获得PHI的程度。 Methods: A list of Canadian vendors selling second-hand computer equipment was constructed, and we systematically went through the shuffled list and attempted to purchase used disk drives from the vendors. Sixty functional disk drives were purchased and analyzed for data remnants containing PHI using computer forensic tools. Results: It was possible to recover PI from 65{\%} (95{\%} CI: 52{\%}-76{\%}) of the drives. In total, 10{\%} (95{\%} CI: 5{\%}-20{\%}) had PHI on people other than the owner(s) of the drive, and 8{\%} (95{\%} CI: 7{\%}-24{\%}) had PHI on the owner(s) of the drive. Some of the PHI included very sensitive mental health information on a large number of people. Conclusions: There is a strong need for health care data custodians to either encrypt all computers that can hold PHI on their clients or patients, including those used by employees and subcontractors in their homes, or to ensure that their computers are destroyed rather than finding a second life in the used computer market. ", issn="1438-8871", doi="10.2196/jmir.9.3.e24", url="//www.mybigtv.com/2007/3/e24/", url="https://doi.org/10.2196/jmir.9.3.e24" }