KCRA reports:
Information regarding approximately 15,000 Kaiser Permanente patients, including about 4,000 people in the Sacramento area, was stolen in December, the organization said Tuesday.
Names and medical record numbers — and in some cases age, gender, phone number and general information regarding their medical care — were taken Dec. 1 when an external electronic data storage device containing the data was stolen from a Kaiser Permanente employee’s car at the employee’s home in Sacramento, said Kristin Chambers, vice president of compliance and privacy for Kaiser Permanente.
“We regret any inconvenience or worry this incident may cause,” Chambers said in a prepared statement.
Kaiser said Tuesday there were no patient Social Security numbers or financial information on the device, adding that there is no evidence that the information was used inappropriately. Affected patients have been notified by Kaiser Permanente.
[…]
Chambers said the employee was authorized to access the information involved as part of her job. However, the use of the device was unauthorized and violated Kaiser Permanente’s policies regarding data storage, and the employee was terminated.
Read more on KCRA.
The Stockton Record adds:
The incident affects 15,500 Kaiser members, of which approximately 1,600 are in Kaiser’s Central Valley Service Area that encompasses San Joaquin and Stanislaus counties. Kaiser mailed letters of explanation and apology to affected members Monday.
State regulators have not determined at this point whether any regulatory action needs to be taken.
Update: The employee was fired.