Vermont-based Caledonia Home Health and Hospice is notifying patients after Netbook was stolen from an employee’s home on July 20.
In a letter dated August 6 to those affected, the hospice writes:
The Netbook contained the home health program, Palmwyse in which patient protected information, including social security numbers, was documented. A police report has been filed with the Vermont State Police. It has been determined that your health information was in the Palmwyse program on the stolen Netbook.
The Netbook was password protected, as was the Palmwyse program. While we think it is unlikely the information could be accessed without the dual password process, it is not impossible.
The hospice is a division of Northern Counties Health Care, Inc..
Somewhat disturbingly, the letter does not indicate whether the Netbook and/or its contents were supposed to have been encrypted as opposed to merely password-protected. Nor does Northern Counties Health Care indicate exactly what they will do going forward to prevent this type of problem from happening again.