Patient PHI Inadvertently Added To GitHub Artic Code Vault – Expert Perspective

By   ISBuzz Team
Writer , Information Security Buzz | Apr 05, 2021 07:26 am PST

Findings from reveal that patient protected health information (PHI) stored by MedData — which serves healthcare organizations including Memorial HermannU. of ChicagoAspirus, and OSF Healthcare – has been stored in GitHub’s Arctic Code Vault – a decommissioned mine 250 meters deep in the permafrost of an Arctic mountain. A former employee was revealed to have saved files to personal folders in public repositories including GitHub. 

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Saryu Nayyar
Saryu Nayyar , CEO
April 5, 2021 3:30 pm

<p>The revelation that personal information involved in a 2020 breach has wound up in a code archive, on film, stored in a repurposed coal mine in Norway, is fascinating. While it seems unlikely that this information will ever be accessed from the archive, that it happened at all points to the unintended permanency of data stored on the internet. The lesson here for any organization is that their data, especially sensitive data, needs to be protected before it gets into the wrong hands.  The saying \"the internet never forgets\" is especially true here, where this breached data will be around for a millennium.</p>

Last edited 2 years ago by Saryu Nayyar

Recent Posts

Would love your thoughts, please comment.x