HANOVER, NH — Through intentional or mistaken breaches, hospitals and insurers are allowing a large amount of private medical data onto P2P networks such as Gnutella and Limewire, according to a report just released by M. Eric Johnson, an expert in cybersecurity and privacy at the Tuck School of Business at Dartmouth.  The paper will be published later this month in Financial Cryptography & Data Security.

The study, funded by the U.S. Department of Homeland Security, found that as much of 5 percent of easily found medical data on P2P networks can be used for medical identify theft.

In August on the Tuck campus in Hanover, New Hampshire, I interviewed Professor Johnson on his findings.  Some of the findings are referenced today in a big feature on the rise in privacy theft in USA TodayThe Wall Street Journal also explores the topic.

— Andy Plesser, Executive Producer

Disclaimer:  The Tuck School of Business at Dartmouth is public relations client of Plesser Associates.

Update 1/30/09 – Jaikumar Vijayan at Computerworld has an article out today about Eric Johnson’s study.