California-based Inland Empire Health Plan (IEHP) is notifying more than a thousand members that an unencrypted, password protected desktop computer containing personal information was stolen from Children's Eyewear Sight, a participating provider with IEHP that provides vision services.
How many victims? 1,030.
What type of personal information? Names, genders, IEHP member ID numbers, dates of birth, addresses, phone numbers, email addresses, dates of past or future appointments, names of doctors who provided optical prescriptions, and dates of purchases.
What happened? An unencrypted, password protected desktop computer containing the personal information of IEHP members was stolen from Children's Eyewear Sight, a participating provider with IEHP that provides vision services.
What was the response? Children's Eyewear Sight notified IEHP, which took steps to secure past, present and future data related to members. Local authorities were notified. All impacted individuals are being notified.
Details: The theft occurred on Oct. 28. A suspect has been apprehended.
Quote: “At this time, there is no evidence that the information has been accessed,” according to a notification posted to the IEHP website. “The desktop computer was password protected, but the data was not encrypted.”
Source: oag.ca.gov, “Breach Notification Sample,” Jan. 9, 2015; iehp.org, “IEHP Reports Potential HIPAA Breach,” Jan. 9, 2015.