Have I ever mentioned that I’m old, and I forget things?
Thanks to Healthcare IT News for reminding me that I should have mentioned a recent breach involving OrthoCare Medical Equipment, LLC. I had posted it to DataLossDB.org, but forgot to post it here.
On February 14, OrthoCare learned that a binder with 93 patients’ information had been stolen. The firm does not indicate where the theft occurred – whether it was from an office or an employee’s car, etc. OrthoCare is headquartered in Lebanon, NH, but only one of the individuals affected is a New Hampshire resident. The firm maintains a number of offices, including Boston, however, where the theft was reported to the Boston Police.
Information in the binder included patients’ names, addresses, telephone numbers, dates of birth, Medicare or health insurance plan number, physician’s name, orthopedic-related diagnoses, and items/equipment provided by OrthoCare. The firm had scanned copies of many of the documents and/or was otherwise able to reconstruct the information, but the theft serves as another reminder that paper records can provide a gold mine of information for identity thieves.
OrthoCare notified the New Hampshire Attorney General’s Office on March 25 that notification letters would go out on March 27 and that the firm was offering those affected free credit monitoring and restoration services.