DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

More on the Independence Care System laptop theft

Posted on June 10, 2013 by Dissent

As noted previously, Independence Care System in New York notified 2,434 patients after a laptop containing their PHI was stolen on May 7. ICS kindly provided PHIprivacy.net with a copy of their substitute notice of May 31st:

New York City Managed Long-Term Care Plan announces theft of laptop containing member information.

On May 7, 2013, Independence Care System, a managed long-term care plan serving senior adults and people with disabilities in New York City, discovered that, during a burglary at the home of a staff member, an ICS laptop containing information regarding 2,435 members was stolen.  For nearly 60% of the affected members, the information included the member’s name, zip code and ICS Member ID number; for the remainder, the information also included the member’s street address, phone number, Medicaid ID number, and enrollment and/or disenrollment dates. No medical, financial or Social Security Number information was contained on the laptop.  This press release is being issued in compliance with Health Insurance Portability and Accountability Act (HIPAA) regulations.  ICS has offered one year of free credit monitoring to affected members.

The incident was immediately reported to the New York City Police Department.  ICS has not received any indication that the information has been accessed or used by an unauthorized individual.

The affected members have been notified in writing as required by the Health Insurance Portability and Accountability Act (HIPAA).

 #  #  #

Independence Care System is dedicated to supporting adults with physical disabilities and chronic conditions to live at home and participate fully in community life.  ICS operates a nonprofit Medicaid managed long-term care plan serving Manhattan, Brooklyn, the Bronx and Queens. http://www.icsny.org

In a separate statement to PHIprivacy, an ICS spokesperson indicated that the employee was authorized to take the laptop home, and although ICS had procedures in place to protect member privacy, they are taking additional steps to prevent this type of incident from happening again. Specifically, ICS is “accelerating the implementation schedule of several planned security projects, including encrypting all laptops and implementing two-factor authentication for network access. This work is underway and will be completed by September 1, 2013.”

No related posts.

Category: Health Data

Post navigation

← Iran Airtour Servers Breached by Yourikan
The Verizon order, the NSA, and what call records might reveal about psychiatric patients →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • McDonald’s McHire leak involving ‘123456’ admin password exposes 64 million applicant chat records
  • Qilin claims attack on Accu Reference Medical Laboratory. It wasn’t the lab’s first data breach.
  • Louis Vuitton hit by data breach in Türkiye, over 140,000 users exposed; UK customers also affected (1)
  • Infosys McCamish Systems Enters Consent Order with Vermont DFR Over Cyber Incident
  • Obligations under Canada’s data breach notification law
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information
  • UK police arrest four in connection with M&S, Co-op and Harrods cyberattacks (1)
  • At U.S. request, France jails Russian basketball player Daniil Kasatkin on suspicion of ransomware conspiracy
  • Avantic Medical Lab hacked; patient data leaked by Everest Group

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • DeleteMyInfo Wins 2025 Digital Privacy Excellence Award from Internet Safety Council
  • TikTok Loses First Appeal Against £12.7M ICO Fine, Faces Second Investigation by DPC
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • How to Build on Washington’s “My Health, My Data” Act
  • Department of Justice Subpoenas Doctors and Clinics Involved in Performing Transgender Medical Procedures on Children
  • Google Settles Privacy Class Action Over Period Tracking App
  • ICE Is Searching a Massive Insurance and Medical Bill Database to Find Deportation Targets

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.