Brooklyn Hospital Center, a member hospital of the NewYork-Presbyterian Healthcare System, posted this notice on their website, linked from their home page:
On December 2, 2013, a backpack belonging to a medical resident was stolen while the doctor was on The Brooklyn Hospital Center property. The backpack contained a USB flash drive that contained patient information for an authorized research project to improve patient care. The doctor reported the theft immediately, and the Hospital conducted a diligent search but was unable to recover the stolen items. The information on the flash drive was not encrypted, which was not in accordance with hospital policy.
The information on the flash drive included names and limited medical information (diagnoses and some lab values) of 2,172 patients. The information involves primarily patients with diagnoses of cardiac disease and diabetes. The records did not include financial information or social security numbers.
The Brooklyn Hospital Center deeply regrets this incident and any resulting inconvenience, and has taken steps to prevent further breaches of private patient data. In addition, notification letters have been sent to patients whose data was included on the lost files. Patients with any questions are encouraged to call, toll-free, (877) 615-3743.
The incident was added to HHS’s public breach tool today.