DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Bakersfield medical group notifies patients and providers of stolen laptop

Posted on September 17, 2012 by Dissent

Just because you don’t remove the laptop from the office, don’t kid yourself that it’s secure.  We’ve seen a number of incidents where laptops have been stolen from offices where the failure to encrypt the laptops resulted in breach notice costs for the entities.  The latest entity to incur breach costs due to failure to adequately secure is St. Therese Medical Group in Bakersfield, California. They sent out letters today to patients and providers whose information was on an unencrypted laptop stolen from their offices on July 22.

In their notice to affected patients,  the Bakersfield-based practice states that the laptop held patients’ name, date of birth, Social Security number, name of health insurer, date of treatment, amount billed, and account balance.

In addition to patient information, providers’ information was also on the unencrypted laptop: name, home address, telephone number, Social Security number, Drug Enforcement Agency number,  driver’s license number, medical license number, malpractice history, and national provider identification.

That’s a lot of information to be left unencrypted.  A lot.

Despite all of HHS’s education efforts, it seems the word still hasn’t gotten out.  Or if it has, it’s not being taken seriously enough.

Related posts:

  • July theft of computer with Fairview patient data wasn't the first, Minnesota AG says
Category: Health Data

Post navigation

← Massachusetts provider settles HIPAA case for $1.5 million
Massachusetts Eye and Ear responds to $1.5 million fine →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • France issues press statement about arrest of ShinyHunters members
  • Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach
  • Hackers breach Norwegian dam, open valve at full capacity
  • Patient death at London hospital linked to cyber attack on NHS
  • ShinyHunters and team members arrested in France (2)
  • Texas Enacts Liability Shield From Punitive Damages for Certain Small Businesses That Adopt Cybersecurity Programs
  • Dublin ETB fined €125,000 for data protection breaches
  • From $5,000 to $800,000: Days Apart, OCR Security Settlements Show Puzzling Math
  • Liberty Township in Ohio has recovered its network after a ransomware attack
  • Marquette County Medical Care Facility discloses data breach

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How Internet of Things devices affect your privacy – even when they’re not yours
  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule
  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.