From the Baylor College of Medicine and Texas Children’s Hospital‘s web sites:
On May 13, 2010, a physician from Baylor College of Medicine and affiliated with Texas Children’s Hospital had his password-protected laptop stolen from an office at Texas Children’s Hospital in Houston, Texas. Electronic files on the laptop contained demographic and clinical information of approximately 1600 cardiology patients, including names, medical record numbers, dates of service, diagnoses and dates of birth. No patient or parent financial or insurance information was stored on the laptop. This did not affect all of our patients. Texas Children’s Hospital has mailed notices to the persons affected in accordance with state, federal, and international laws.
Patient confidentiality is a top priority at Texas Children’s Hospital and Baylor College of Medicine. The hospital and medical school assure its patients, and the parents of its patients, that they took immediate steps to investigate and attempt to recover the laptop. There is no evidence to believe that any of the confidential information stored on the computer has been accessed or used for fraudulent purposes. We sent individual letters and are posting this notice as precautionary measures to advise parents and guardians of affected patients of an incident that involved some patient information.
A police report was filed with the Houston Police Department and the hospital and medical school fully cooperated with law enforcement’s investigation. Texas Children’s Hospital in cooperation with the Houston Police Department subsequently apprehended the suspect and charges have been filed. Unfortunately, the laptop has not yet been recovered.
The hospital and medical school have taken many steps to help keep this from happening in the future. Safeguard requirements and policies and procedures for laptops have been reviewed and we are in the process of encrypting patient data to help ensure that patient data is stored and handled in a secure manner. Workforce members have also been re-educated about the importance of laptop and password security.
The hospital and medical school deeply regret that this occurred and we are committed to fully protecting all of the information entrusted to us by parents and patients.
We are providing notification of this matter because we believe that it is important for our patients and their families to know how seriously we take this, the steps we are taking to remedy a breach such as this, and to fulfill requirements under state and federal law. For questions, patient or patient families can call 1-877-631-0440 Monday through Friday between 7 A.M. and 5:00 P.M. and refer to # 2222072910 when prompted.