BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Stolen Gibson General laptop may have had patient info

From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Mon, 31 Dec 2012 14:18:39 -0600
http://www.tristate-media.com/pdclarion/article_d29d5b90-513c-11e2-b750-001a4bcf887a.html

PRINCETON—A laptop containing personal information on thousands of
patients was stolen, Gibson General Hospital officials announced
Friday.

The laptop and other items were reported stolen from a hospital
employee’s home on Nov. 27, according to press release from the
hospital.

The laptop hasn’t been recovered, though, it had security features,
including password protection.

They report the laptop contained sensitive patient information, such
as name, address, social security numbers and clinical information.

On Dec. 26, the hospital mailed letters to the 29,000 patients they’ve
had since January 2007 – when the hospital implemented their
electronic records system – to alert them to the theft.

“There is no evidence to believe that the data on the laptop was the
target of the theft or that any information has been or will be
accessed for fraudulent purposes,” said Emmett Schuster, Gibson
General Hospital president and CEO, in the release.  The laptop was
stolen with other household goods and items.

The laptop was used by an employee whose job requires anytime-access
to the hospital’s electronic medical records system.

The patient information accessed on the stolen laptop could have been
automatically saved to the laptop by the software used to access the
information.

Without the laptop, hospital officials don’t know whose personal
information was compromised, so they alerted every patient in the last
five years to the issue.

Call 1-866-221-0155 from 9 a.m. - 7 p.m., Monday through Friday for
people who have questions regarding this issue, and an FAQ is
available at www.GibsonGeneral.com.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.
Previous By Date Next
Previous By Thread Next

Current thread: