DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

The Medical Center at Bowling Green Notifies Patients of Breach of Protected Health Information

Posted on April 28, 2010 by Dissent

From their press release:

The Medical Center is currently notifying 5,418 patients of a breach of personal protected health information. The breach involves the theft of computer equipment from The Medical Center’s Mammography Suite containing information on patients who underwent bone density testing at The Medical Center between 1997 and 2009. We have no reason at this point to believe the device was stolen for the information on it or that any personal information has been released or used.

On April 1, 2010, we discovered that a piece of computer equipment had been stolen from The Medical Center Mammography Suite. Upon learning of the theft, we immediately conducted a comprehensive investigation of the incident, and the theft has been reported to the Bowling Green Police Department.

We have determined the information on the device included each patient’s full name, date of birth, address, medical record number and physician name. Some patients’ records also included information such as social security numbers, weight, height, and menopause age. The information on the hard drive was not encrypted; however, the hard drive was maintained in a locked, non-public, private area.

The Medical Center has stringent policies and procedures in place to protect patient information and takes very seriously its obligation to safeguard the personal health information of its patients. As a result of this breach, steps are underway to further strengthen the security of patient information. We will now archive data to a secure network, which will allow us to eliminate the need for use of a hard drive like the one that was stolen. Additionally, we will ensure that we do not have any other equipment configurations that utilize a portable hard drive containing non-encrypted data.

The Medical Center is following all of the requirements of the American Recovery and Reinvestment Act of 2009 and the Health Information Technology for Economic and Clinical Health Act which includes: notification of the U.S. Secretary of the Department of Health and Human Services; notification of patients who may have had their personal protected health information accessed by the breach; public disclosure to the local media; and posting information about the breach on The Medical Center’s website.

We have established a toll-free number at 1-877-338-8525 for patients with questions about this matter who live outside the Bowling Green area and who desire to talk directly with The Medical Center’s Privacy Officer. Local residents may reach The Medical Center Privacy Officer at 270-796-2100. In addition, affected patients may visit The Medical Center’s web site at www.TheMedicalCenter.org where updated information about this breach will be posted.

The full press release can be found at http://www.mcbg.org/pdf/Breachv12.pdf

Category: Health Data

Post navigation

← Man indicted in probe of UMC hospital privacy leak
The Medical Center at Bowling Green Notifies Patients of Breach of Protected Health Information →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Fraudsters, murderers, students: who the GRU assembled a team of hacker provocateurs from and why it failed
  • Order of Psychologists of Lombardy fined 30,000 € for inadequate data security protection and detection following ransomware attack
  • Lower Merion School District says a data breach was caused by a computer glitch
  • After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
  • Junior Defence Contractor Arrested For Leaking Indian Naval Secrets To Suspected Pakistani Spies
  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million
  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.