BreachExchange mailing list archives
Medical Center Reports Stolen Laptop
From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Tue, 22 Jan 2013 13:18:51 -0500
http://www.lpch.org/aboutus/news/releases/2013/for-patients.html For Release: January 21, 2013 STANFORD, Calif. -- Lucile Packard Children’s Hospital at Stanford and the Stanford University School of Medicine are notifying patients by mail that a password-protected laptop computer containing limited medical information on pediatric patients was stolen from a physician’s car away from campus on the night of January 9, 2013. This incident was reported to Packard Children’s and the School of Medicine on January 10. Immediately following discovery of the theft, Packard Children’s and the School of Medicine launched an aggressive and ongoing investigation with security and law enforcement, and began contacting patients potentially affected. The medical information on the stolen laptop was predominantly from 2009 and related to past care and research. The patient data did not include financial or credit card information, nor did it contain Social Security numbers or any other marketable information. It did include names and dates of birth, basic medical descriptors, and medical record numbers, which are used only by the hospital to identify patients. In some cases, there was limited contact information. There is no indication that any patient information has been accessed or compromised. Packard Children’s and the School of Medicine continue working diligently with law enforcement to recover the laptop. Individuals potentially affected are being offered the option of free identity protection services, and a toll-free phone line has been established for any questions families may have. The number is (855) 731-6016, and is available Monday through Friday from 6 a.m. to 6 p.m. PST. Lucile Packard Children’s Hospital and the School of Medicine strive to be industry leaders in the area of medical information security. As a result of this incident, we are taking additional steps to further strengthen our policies and controls surrounding the protection of patient data, including redoubling our efforts to ensure that all computers and devices containing medical information are encrypted. Information page for patients: http://www.lpch.org/aboutus/news/for-patients.html About Packard Children’s Hospital Lucile Packard Children’s Hospital at Stanford is an internationally recognized 311-bed hospital, research center and leading regional medical network providing the full complement of services for the health of children and expectant mothers. In partnership with the Stanford University School of Medicine, our world-class doctors and nurses deliver innovative, family-centered care in every pediatric and obstetric specialty, tailored to every patient. Packard Children’s is annually ranked as one of the nation’s best pediatric hospitals by U.S. News & World Report and is the only Northern California children’s hospital with specialty programs ranked in the U.S. News Top 10. Learn more at www.lpch.org and about our continuing growth at growing.lpch.org. Like us on Facebook, watch us on YouTube and follow us on Twitter. About Stanford University School of Medicine The Stanford University School of Medicine consistently ranks among the nation’s top medical schools, integrating research, medical education, patient care and community service. For more news about the school, please visit http://mednews.stanford.edu. The medical school is part of Stanford Medicine, which includes Stanford Hospital & Clinics and Lucile Packard Children’s Hospital. For information about all three, please visit http://stanfordmedicine.org/about/news.html. Contact: Robert Dicks (650-497-8364, rdicks () lpch org) Michelle Brandt (650-723-0272, mbrandt () stanford edu) _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Medical Center Reports Stolen Laptop Erica Absetz (Jan 22)