DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Stolen Northwestern Memorial Healthcare computer had information of 2,800 patients

Posted on December 19, 2014 by Dissent

Carlos Sadovi reports:

Nearly 3,000 patients are being notified that a laptop computer stolen in October contained health information from patients of the Northwestern Memorial Healthcare group, hospital officials said Friday

The 2,800 people had been patients of Northwestern Medicine Lake Forest Hospital, Northwestern Memorial Hospital and Northwestern Medical Group, officials said in press release late Friday.

Officials said that they were notified of the theft on Oct. 21.

The laptop computer, which was password protected and “yet unencrypted” contained patient information when it was inside an employee’s vehicle that was stolen on Oct. 21.

Read more on Chicago Tribune.

A notice posted to the hospital’s web site reads:

Northwestern Lake Forest Hospital, Northwestern Memorial Hospital, and Northwestern Medical Group, affiliates of Northwestern Memorial HealthCare (collectively NMHC”), are committed to protecting the confidentiality and security of our patients’ information. Regrettably, this notice concerns an incident involving some of that information.

On October 21, 2014, we learned that a password protected, unencrypted laptop containing patient information was inside an employee’s vehicle that was stolen on that same date. The employee immediately contacted law enforcement who began an investigation. We also immediately began an internal investigation, including hiring an outside expert forensics firm to recreate the data on the laptop. Our investigation determined that the laptop may have contained patients’ names, addresses, dates of birth, health insurance information, billing codes, date of services, physician’s name, medical record numbers, diagnosis, treatment information, and, in some limited instances, Social Security numbers. Patients’ credit card and bank account information were not on the laptop.

This incident did not affect all NMHC patients, and NMHC sent letters notifying affected patients.

At this time, we have no knowledge that this information has been used in any way. However, as a precaution, we began sending letters to affected patients on December 19, 2014, and have established a dedicated call center to answer questions that patients may have. If you believe you are affected but do not receive a letter by January 9, 2014, please call 888-266-9276, Monday through Friday, from 8:00 AM to 8:00 PM Central Time.

We deeply regret any inconvenience this may cause you. NMHC has a robust privacy and security program, including encryption of laptop computers. To help prevent something like this from happening again, NMHC is confirming and ensuring encryption of all laptop computers and reinforcing education with our staff on the importance of handling patients’ information securely.

Please click here to download Notice About Stolen Laptop (PDF).

Category: Uncategorized

Post navigation

← PA: Police investigate hacking threat against Pine Forge Academy
Mercy Medical Center Redding Oncology Clinic notifies patients of privacy breach (updated) →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • A state forensics lab was leaking its files. Getting it locked down involved a number of people.
  • CoinMarketCap Hacked, Scrambles to Remove Malicious Wallet Verification Popup
  • Montana Attorney General launches investigation into Lee Enterprises data breach
  • AT&T gets preliminary approval for $177 million data breach settlement
  • Aflac notifies SEC of breach suspected to be work of Scattered Spider
  • Former JBLM soldier pleads guilty to attempting to share military secrets with China
  • No, the 16 billion credentials leak is not a new data breach — a wake-up call about fake news (Updated)
  • Tonga’s health system hit by cyberattack (1)
  • Russia Expert Falls Prey to Elite Hackers Disguised as US Officials
  • Proposed class action settlement in In re Netgain Technology litigation

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data
  • US Judge Invalidates Biden Rule Protecting Privacy for Abortions
  • DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
  • 23andMe fined £2.31 million for failing to protect UK users’ genetic data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.