Just to keep our records and chronologies complete, I am posting this breach that occurred in December 2007; notification was made in January 2008, but it just came to our attention:
A folder stolen from the vehicle of an employee of Johns Hopkins contained sensitive information on 190 former and current members of an outpatient program called Creative Alternatives.
Information on individuals included: name, date of birth, Social Security number, insurance information, Medicaid/Medicare information, amount of assistance checks, race, gender, and telephone number. For some individuals, the information also included details of crisis plans as well as psychotropic medications.
In their notification letter, Donald Bradfield, Senior Counsel to Johns Hopkins Medicine, describes steps that JHM would take to prevent future problems of this kind, including instructing employees never to leave information in an unattended vehicle overnight. One wonders why that wasn’t already their policy given the number of thefts from vehicles that had occurred in 2006 and 2007.