Have you ever thought about your medical records ending up in USB keys, CDs or DVDs? Well thats what happens when your medical record is subject to a medical research. Information collected on your disease are saved in a repository for understanding trends and behaviours. This include your medical history and type of medication taken.
Some countries do have statutory requirements to protect personal identifiable information, however the custodians of such data does not care where they end. Clinical Researchers and Physicians are not aware of the ramifications due to loss of such information. Often such records are handled by under paid research assistants who are concerned more on the delivery of the end results of their research rather than the security of such records.
Your medical records are stored in-clear in the laptops, USB storage devices and in the email applications such as Gmail, Yahoo Mail and Hotmail -they are not encrypted.
It should be made mandatory on all custodians of such data to encrypt or obfuscate so that the records cannot be traced back to an individual in case they are stolen.
Should I be concerned that someone had already dissected my health information and is operating on it? May be! So much for the great excel application from Microsoft!