Stolen Desktop Computer Exposes Data Of Nearly 4 Million Patients

[InfoSec News <alerts () infosecnews org>]

http://www.darkreading.com/database-security/167901020/security/attacks-breaches/231903320/stolen-desktop-computer-exposes-data-of-nearly-4-million-patients.html

By Kelly Jackson Higgins
Dark Reading
Nov 17, 2011

A desktop computer stolen from healthcare organization Sutter Medical 
Foundation has potentially exposed the personal information of nearly 4 
million patients.

The password-protected but unencrypted machine contained a patient 
database. Ironically, the Sacramento, Calif.-based healthcare 
organization had been implementing encryption across the organization at 
the time of the theft. Unfortunately, the machine that was stolen was 
not yet encrypted.

“Sutter Health holds the confidentiality and trust of our patients in 
the highest regard, and we deeply regret that this incident has 
occurred,” Pat Fry, president and CEO of Sutter Health, said in a 
statement. “The Sutter Health Data Security Office was in the process of 
encrypting computers throughout our system when the theft occurred, and 
we have accelerated these efforts.”

The machine was stolen from the Sacramento offices during the weekend of 
Oct. 15. The healthcare firm discovered the theft on Monday, Oct. 17, 
and reported it to the Sacramento Police Department. The database 
included names, addresses, dates of birth, phone numbers, email 
addresses, medical record numbers, and health insurance plan providers, 
between 1995 and January 2011 of 3.3 million patients under Sutter 
Physician Services. SPS provides managed care services and billing for 
healthcare providers.

[...]

_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn