Stolen hardware, and particularly laptops, is still a very common cause for data breaches, especially when it comes to hospitals and other healthcare companies. Three recent incidents have all involved patient details being exposed to identity theft, fraud and other risks, after being taken together with laptops held in medical offices.
While in some cases the stolen portable computers happened to be password protected, none of them had been encrypted to better prevent access to stolen private records.
Stolen laptop exposes medical data of over 2,000 patients
A laptop computer containing medical data for 2,070 people was stolen on December 2011 from healthcare provider Triumph LLC . The company which provaides psychiatric evaluations, medication monitoring, clinical assessments and outpatient therapy and is based in Raleigh, notified its clients and their families of the breach through letters mailed.
The laptop was stolen from the office of a Triumph manager at its operation at 725 N. Highland Ave. in Winston-Salem. The password-protected laptop, contained patient information such as names, dates of birth, medical record numbers, insurance and Medicaid numbers, billing codes and authorization status.
Laptop stolen from podiatry clinic contained data on 1,500 patients
A laptop, containing unencrypted personal and medical information beloging to over 1,500 people, was stolen from the Walking On Air clinic in Gosport. Podiatrist Natasha Townsend said the laptop did have a password. According to Ms Townsend, the laptop contains notes regarding her patients and their medical records. The laptop was most probably taken by an opportunistic thief.
Laptop stolen in burglary exposes 900 Concentra patients
An unencrypted laptop was stolen from the Concentra Medical Center. The computer contained names and Social Security Numbers and pre-employment work-fitness test results of approximately 900 Concentra patients from the Springfield area.
Concentra representatives believe the information has not been used inappropriately, but they have notified all the patients whose information was on the computer, and will provide them free access to a credit-monitoring service.