Apr 07 2010

NorCal’s John Muir hospital warns of breach

Category: hipaa,Security BreachDISC @ 12:35 am

thieves like cake and laptops
Image by Sparticus via Flickr

The Associated Press
Posted: 04/06/2010 08:31:15 AM PDT

WALNUT CREEK, Calif.—More than 5,000 patients in the John Muir hospital system have been warned of a potential security breach after two laptop computers that contained personal and health information were stolen.

The laptops were stolen from a perinatal office in Walnut Creek in February. The 5,450 potentially affected patients were sent letters Monday. Hospital officials say there have been no reports that patient information has been accessed.

John Muir Health vice president and privacy officer, Hala Helm, says the laptops were password-protected and contained data in a format that would not be readily accessible.

Officials have arranged free identity theft protection for a year and recommend people place a fraud alert on their credit files.


Information from: Contra Costa Times

Tags: Contra Costa Times, Identity Theft, john Muir Hospital, laptop stolen, Patient files stolen, Walnut Creek

Feb 03 2010

UCSF laptop containing patient files stolen

Category: hipaa,Security BreachDISC @ 3:46 pm

UC Berkeley-UCSF Joint Medical Program
Image via Wikipedia

The Associated Press

SAN FRANCISCO—The medical records of more than 4,000 patients at the University of California, San Francisco may have been compromised after a laptop they were on was stolen.
Officials with the university said Wednesday the laptop was recovered earlier this month after it was taken from a medical school employee during a flight in November. It does not appear that anyone gained access to the computer or the confidential patient information, but officials say the records still could have been exposed.

The files contained patients’ names, medical record numbers, ages and clinical information, but no Social Security numbers or financial data.

School officials say they are notifying the 4,400 patients whose records were on the computer. They were all treated in 2008 and 2009.
Information from: San Francisco Chronicle, http://www.sfgate.com/chronicle

Here we have another unnecessary major security breach in a large healthcare organization which resulted in a loss of patient data demonstrating poor baseline security. They clearly are not ready for the new HIPAA provision ARRA and HITECH. Evaluate your current business and system risks to make sure this does not happen to you.

Contact DISC for any question if you think, this may apply to you.

The Practical Guide to HIPAA Privacy and Security Compliance

Tags: arra and hitech, confidential patient information, Data, hipaa, Medical record, medical records breach, Medicine, Patient files stolen, San Francisco, San Francisco Chronicle, UCSF, University of California San Francisco