OrthoCare Medical Equipment notifies 93 patients of breach

[Erica Absetz <erica () riskbasedsecurity com>]

http://www.phiprivacy.net/?p=12238

Have I ever mentioned that I’m old, and I forget things?

Thanks to Healthcare IT News for reminding me that I should have
mentioned a recent breach involvingOrthoCare Medical Equipment, LLC.
I had posted it to DataLossDB.org, but forgot to post it here.

On February 14, OrthoCare learned that a binder with 93 patients’
information had been stolen. The firm does not indicate where the
theft occurred – whether it was from an office or an employee’s car,
etc.  OrthoCare is headquartered in Lebanon, NH, but only one of the
individuals affected is a New Hampshire resident.  The firm maintains
a number of offices, including  Boston, however, where the   theft was
reported to the Boston Police.

Information in the binder included patients’ names, addresses,
telephone numbers, dates of birth, Medicare or health insurance plan
number, physician’s name, orthopedic-related diagnoses, and
items/equipment provided by OrthoCare.  The firm had scanned copies of
many of the documents and/or was otherwise able to reconstruct the
information, but the theft serves as another reminder that   paper
records can provide a gold mine of information for identity thieves.

OrthoCare notified the New Hampshire Attorney General’s Office on
March 25 that notification letters would go out on March 27 and that
the firm was offering those affected free credit monitoring and
restoration services.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.