A Sept. 9 press release/substitute notice from Bonney Lake Medical Center in Washington:
Bonney Lake Medical Center was burglarized on August 12, 2011. The thieves broke into the office and stole password-protected computers including a computer server containing patient information. The personal information may have included name, address, Social Security number, insurance information, and medical record. There have been no reports indicating that the information has been misused.
Upon discovery of the theft, a police report was filed and ID Experts®, the data breach solutions company, was retained to assist in notifying affected patients and to mitigate potential misuse of patient information. Notification letters were sent to all affected patients via USPS mail on September 9, 2011.
In addition to notifying all affected patients, Bonney Lake Medical Center is offering one year of fraud resolution services. In the event of misuse of personal information, patients will receive fully-managed victim restoration and insurance reimbursement. Patients with questions regarding this incident can visit www.ProtectBLM.com.
Bonney Lake Medical Center has taken steps to prevent such events in the future include installation of additional encryption technology and updating security procedures to protect patient data.
How patients are being protected:
Bonney Lake Medical Center has contracted with ID Experts, the leader in comprehensive data breach solutions, to provide a one year ID Experts FraudStop™ Healthcare Edition membership. The membership will include:
- Fraud Resolution Representatives
- Healthcare Identity Protection Toolkit™
- Insurance Reimbursement for covered expenses
This press release is in accordance with the Health Information Technology for Economic and Clinical Health (HITECH) Act. Bonney Lake Medical Center has notified patients and the Department of Health and Human Services (HHS). In addition, an informational website and toll-free number hosted by ID Experts are available to affected patients.
h/t, Health Data Management, who reports that 2,370 patients were notified of the breach