How many victims? 45,000.
What kind of personal information? Names, addresses, phone numbers, birth dates and Social Security numbers. In some cases, the data included billing and diagnosis information.
What happened?The contractor, who was performing an equipment upgrade, violated hospital policy when he downloaded the data onto the hard drive of a laptop.
What was the response?The hospital mailed notification letters to the victims. In addition, it plans to provide additional training to managers, conduct audits of portable devices and re-evaluate its security polices.
Details: The laptop was password protected but not encrypted. The hospital now plans to encrypt all of its computers. The contractor was fired.
Quote: "We work in an environment where protecting individuals' information is absolutely as important as providing quality service and care. Storing this type of information on a laptop hard drive is at variance with our organization's strict policies." - Hospital CEO Kelly Mather
Source: RecordBee.com, The Record-Bee (Calif.), "Stolen laptop holds private information," Dec. 10.