The University of Iowa Hospitals & Clinics accidentally posted personal information online for 5,300 patients for two years. The posting was reported in April, and the files were deleted two days later. The information included names, admission dates, and medical records, but not Social Security or credit-card numbers.