BreachExchange mailing list archives
followup: Kaiser Letter
From: security curmudgeon <jericho () attrition org>
Date: Wed, 6 Dec 2006 21:42:04 -0500 (EST)
http://attrition.org/dataloss/2006/11/kais01.html This is the letter sent out, presumably to ~ 38,000 people. Typos are my own. -- November 13, 2006 Dear [name], I am writing to inform you that a laptop computer was stolen from the trunk of an employee's automabile on October 4, 2006 that contained information about you. The employee reported the theft to the police and Kaiser Permanente is cooperating with their investigation. While we believe the risk is limited, there is a possibility that the information on the stolen device could be accessed. Therefore we wanted you to know what information was on it. The laptop device contained your name, medical record number, age, date of birth, sex, indicators related to industry standard health plan performance measures, information about your deductibles and co-pays, and your primary care provider's name. [bold]Your Social Security number was _not_ included in your information.[/bold] Kaiser Permanente respects your right to file a complaint. If you have any questions, concerns or wish to file a complaint, please contact us at (1-866-529-0813) (TTY (303)338-3820). You also have the right to contact the Department of Health and Human Services through the Office for Civil Rights at 1-800-368-1019. On behalf of Kaiser Permanente, I offer our sincerest apology that this unfortunate incident occurred. I assure you that safeguarding your medical information is one of our highest priorities. Thank you for your understanding in this matter. Again, if you have any questions regarding this incidents, please call us at (1-866-529-0813) (TTY (303)338-3820). Very truly yours, [signature] Barbara Collura Privacy and Security Officer - Colorado Region Enclosers --- One item was enclosed, a multiple page handout dated April 2006 offering information and notification of privacy practice. I called the number above at 6:55pm MST and the recording said to leave my name and number and a member's services representative trained to answer your questions would call me back between 5pm and 7pm. _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 142 million compromised records in 495 incidents over 6 years.
Current thread:
- followup: Kaiser Letter security curmudgeon (Dec 06)