Ensure security of patient records
Ohio’s medicinal marijuana program seemed to be operating without a hitch — until last week. Then, a Seattle internet privacy company revealed it had been able to access confidential information online about more than 30,000 medicinal marijuana patients in several states. The company, vpnMentor, said it had found unsecured patient information in a database used by several companies, including one that operates some medicinal marijuana dispensaries in Ohio.
That firm does not operate dispensaries in this region of Ohio, however.
According to an Associated Press report, the unsecured database was closed earlier this year.
The revelation should be of concern to Ohioans and to state government. To the long list of requirements for those involved in the medicinal marijuana industry, evidence that records are kept secure may have to be added. If it exists already, state officials should investigate why vpnMentor was able to hack into the online database to access information.