BreachExchange mailing list archives
IU Health Arnett laptop stolen
From: Erica Absetz <erica () riskbasedsecurity com>
Date: Mon, 13 May 2013 09:04:23 -0400
http://www.jconline.com/article/20130510/NEWS03/305100032/IU-Health-Arnett-laptop-stolen?nclick_check=1 More than 10,000 patients of Indiana University Health Arnett are receiving notifications that some of their personal information was on a laptop computer stolen last month. On Friday, the health care provider issued a press release stating the laptop was stolen from an employee’s car on April 9 in White County. After an internal investigation, IU Health Arnett said it determined that emails stored on the laptop hard drive may have contained patient names, dates of birth, physician names, medical record numbers, diagnoses and dates of service. The computer did not contain Social Security numbers, financial information or patient medical records, according to the statement. The laptop was password protected but not encrypted, and contained information affecting 10,300 patients, according to spokeswoman Kasey Fuqua. IU Health Arnett said it immediately contacted the White County Sheriff’s Office and continues to work with law enforcement, but the laptop had not been located as of Friday. IU Health Arnett stated it has no reason to believe the laptop information has been improperly accessed or used, but as a precaution began notifying patients on Friday. Patients may contact a support center by calling 888-722-0627 between 9 a.m. and 7 p.m., Monday through Friday To prevent similar situations, IU Health Arnett stated it is reviewing its policies and procedures. The health system has mandatory privacy and security training for all of its employees. The original release from IU Health Arnett did not explain why the theft was not made public until Friday. When asked that question, Fuqua issued the following statement: “Arnett is committed to maintaining the privacy and security of the patient information provided to us, and we worked hard to notify our patients as soon as possible. As soon as we learned of the theft on April 10, we immediately began a thorough internal investigation to determine which of our patients were affected and what information was included.” _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges.
Current thread:
- IU Health Arnett laptop stolen Erica Absetz (May 13)