DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

More on the Independence Care System laptop theft

Posted on June 10, 2013 by Dissent

As noted previously, Independence Care System in New York notified 2,434 patients after a laptop containing their PHI was stolen on May 7. ICS kindly provided PHIprivacy.net with a copy of their substitute notice of May 31st:

New York City Managed Long-Term Care Plan announces theft of laptop containing member information.

On May 7, 2013, Independence Care System, a managed long-term care plan serving senior adults and people with disabilities in New York City, discovered that, during a burglary at the home of a staff member, an ICS laptop containing information regarding 2,435 members was stolen.  For nearly 60% of the affected members, the information included the member’s name, zip code and ICS Member ID number; for the remainder, the information also included the member’s street address, phone number, Medicaid ID number, and enrollment and/or disenrollment dates. No medical, financial or Social Security Number information was contained on the laptop.  This press release is being issued in compliance with Health Insurance Portability and Accountability Act (HIPAA) regulations.  ICS has offered one year of free credit monitoring to affected members.

The incident was immediately reported to the New York City Police Department.  ICS has not received any indication that the information has been accessed or used by an unauthorized individual.

The affected members have been notified in writing as required by the Health Insurance Portability and Accountability Act (HIPAA).

 #  #  #

Independence Care System is dedicated to supporting adults with physical disabilities and chronic conditions to live at home and participate fully in community life.  ICS operates a nonprofit Medicaid managed long-term care plan serving Manhattan, Brooklyn, the Bronx and Queens. http://www.icsny.org

In a separate statement to PHIprivacy, an ICS spokesperson indicated that the employee was authorized to take the laptop home, and although ICS had procedures in place to protect member privacy, they are taking additional steps to prevent this type of incident from happening again. Specifically, ICS is “accelerating the implementation schedule of several planned security projects, including encrypting all laptops and implementing two-factor authentication for network access. This work is underway and will be completed by September 1, 2013.”

Related posts:

  • ICS Collection Service, Inc. press release on data breach affecting University of Chicago Physicians Group patients
  • Latest update to HHS breach tool discloses previously unknown breaches
Category: Health Data

Post navigation

← Iran Airtour Servers Breached by Yourikan
The Verizon order, the NSA, and what call records might reveal about psychiatric patients →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.