Robert Moran reports:
The Family Planning Council in Philadelphia made public Friday that a computer storage device containing the personal and medical records of about 70,000 patients was stolen in December and remains missing.
The theft was blamed on a former worker whose employment ended Dec. 28, the day the theft was discovered and reported to police.
The former employee, Kelly Stanton, 40, has an extensive criminal record, and has been in and out of prison for the last two decades on multiple convictions of theft and other offenses, court records show.
Read more on Philly.com
A statement on the Family Planning Council web site says:
NOTICE REGARDING THEFT OF FLASH DRIVE CONTAINING PATIENT INFORMATION
Under government health care programs, the Family Planning Council (the “Council”) handles patient data on behalf of health care providers for reporting and billing purposes. The Council’s office was recently burglarized, and one of the items stolen was a flash drive (also known as a “thumb drive” or a “memory stick”) containing password protected patient information. This Notice provides information on how to determine whether your information may have been on the stolen flash drive, what steps you can take to protect yourself, and what the Council is doing in response to this incident.1. What information was on the flash drive and how do I determine if I am affected?
The password protected information on the stolen flash drive included: patient name, address, phone number, social security number, date of birth, and other information, including insurance information and medical information. The information on the flash drive contained information about patients who visited certain providers during limited date ranges.– If you received reproductive health services at any of the following providers during the following dates, please call 1-888-414-8020 and enter reference number 3720040811 between 8:00 am-5:00 pm Eastern Time, Monday through Friday, to determine if you are affected:
- The Children’s Hospital of Philadelphia, May 1, 2010 – September 30, 2010
- Public Health Management Corporation, which operates or operated PHMC Care Clinic, PHMC Health Connection, Rising Sun Health Center, Mary Howard Health Center , Community Court, Project Salud and several emergency housing locations in Philadelphia, July 16, 2009 – October 29, 2010
- Spectrum Health Services, Inc. (Haddington Health Center and the Broad Street Health Center) October 31, 2009 through November 30, 2010
- Planned Parenthood Southeastern Pennsylvania, July 1, 2009 – October 30, 2010
- Planned Parenthood Association of Bucks County, July 1, 2009 – October 31, 2010
– If you are not sure if you are affected, please call 1-888-414-8020 and enter reference number 3720040811.
2. When did the burglary occur and what steps did the Council take?
The burglary occurred over the Christmas holiday weekend, December 23-27, 2010 and was discovered by Council staff on the morning of December 28, 2010. The Council immediately called the Philadelphia Police Department. Over the post-Christmas week and into January, 2011, the Council investigated what had been stolen and determined that the stolen flash drive was the only stolen item that contained patient information.3. Is law enforcement involved in investigating this theft?
The Council promptly reported the theft to the Philadelphia Police Department and a suspect was identified and arrested and has been formally arraigned. The police and the Philadelphia District Attorney requested that we delay notification of the incident to affected individuals while they continued to investigate the crime. At this time the stolen information has not been recovered.[…]
5. What is the Council doing to prevent future problems?
The Council has put additional protections in place to prevent such incidents from occurring in the future, including not allowing unencrypted personal information to be stored on removable hardware, such as flash drives, retraining staff and working with their building to enhance facility security. We deeply regret that this incident occurred, and we want to assure you that your privacy is our utmost concern.Stanton was arrested Feb. 9 and was charged with burglary, theft, criminal trespass, and receiving stolen property, the District Attorney’s Office said. He remained in custody Friday.