Statement from UCSF:
UC San Francisco is alerting some individuals to the theft of a physician’s personal laptop computer that contained personal and health information.
While the physician believed the laptop was encrypted, this could not be confirmed. As a result, the individuals involved are being notified.
The security of protected health information at UCSF is of utmost importance. While there is no evidence at this time that there has been any attempted access or attempted use of the information stored on the laptop, UCSF is responding with the highest level of caution and concern.
Notification letters have been sent to the 8,294 individuals whose information was contained on the laptop. The California Department of Public Health and the California Attorney General have been alerted, and federal authorities are also being notified. Additionally, a special phone line has been established to provide information and assistance to individuals who receive the notification letters, and credit monitoring is being offered to some individuals whose Social Security numbers were involved.
UCSF learned on Sept. 25 that the personal laptop computer had been stolen that evening from the locked vehicle of the physician, based in the Division of Gastroenterology at the UCSF School of Medicine. Upon discovering the theft, the physician promptly alerted San Francisco police, UCSF police and UCSF officials.
Since UCSF could not verify that the laptop was encrypted, UCSF immediately began a technical analysis to identify what information was on the laptop. The analysis revealed that the laptop contained some personal and health information of individuals, including dates of birth, medical record numbers and Social Security numbers.
Also stolen were paper documents for four patients, some of whose information was on the laptop. Information in the paper documents contained some personal and health information, including health insurance subscriber numbers.
The UCSF investigation determined that it was appropriate for the physician to have this information; however, the use of an unencrypted laptop for business purposes is against UCSF’s policy and practice.
UCSF is committed to maintaining the privacy of personal information and has taken additional steps to secure that information, including strengthening educational and operational processes for information security.
Should you have any questions about this matter, please call 1-800-981-7567 (for international callers, please dial 1-503-597-7671).
UCSF is a leading university dedicated to promoting health worldwide through advanced biomedical research, graduate-level education in the life sciences and health professions, and excellence in patient care. It includes top-ranked graduate schools of dentistry, medicine, nursing and pharmacy, a graduate division with nationally renowned programs in basic biomedical, translational and population sciences, as well as a preeminent biomedical research enterprise and two top-ranked hospitals, UCSF Medical Center and UCSF Benioff Children’s Hospital.