Southwest Mississippi Regional Medical Center contracts with Lakeland Radiologists for radiology services for their patients. Lakeland Radiologists, in turn, contracts with CBIZ Medical Management Professionals to bill patients. On February 23, a computer was stolen from CBIZ that contained radiology reports on patients seen at Lakeland Radiologists. According to an Associated Press story, SMRMC is notifying patients seen between December 2007 and Feb. 23, 2009 who might have had records saved on the stolen computer. There is no notice on either the hospital’s web site, the radiology practice’s web site or CBIZ’s site about the incident, but given that CBIZ is a billing service, it seems plausible that the stolen data included insurance/financial as well as medical information such as diagnostic codes. It’s also possible that the stolen computer contained information on patients seen by other medical practices.
So… were the data encrypted? How big was this breach?
CBIZ has not yet replied to a request for information on this incident, but if/when more information is available, this report will be updated.