Laura Ungar reports:
A flash drive containing personal information on 24,600 patients is missing from Our Lady of Peace psychiatric hospital, prompting it to warn those patients they could be at risk for fraud.
Hospital officials are sending letters to all those affected, apologizing for the privacy breach and recommending steps they can take. Officials said they are also taking steps internally to prevent such problems in the future.
“We have taken this breach very seriously,” hospital officials said in a statement. “Patient confidentiality is sacred to us and our patients.”
Hospital officials ran a legal advertisement in The Courier-Journal on Thursday notifying the public of the problem. They said the drive contained the following information on patients admitted since 2002: patient names, room numbers, insurance company names and admission and discharge dates. It didn’t include diagnoses or treatments, Social Security numbers, dates of birth, telephone numbers or addresses for these patients.
Read more in the Courier-Journal.
Updated July 2: That link is no longer working, but thanks to an alert reader, here’s another site that summarizes the breach and quotes from the hospital’s statement.