The Indy Channel reports:
St. Vincent Hospital has notified 1,200 patients their personal information was on a laptop stolen from an employee’s home.
The computer, containing Social Security numbers and personal health information, was taken during a burglary at a worker’s home on July 25, hospital officials said in a news release Friday night.
Read more on their site.
I do not see any statement on their web site at this time, and of course, some will snicker that they released the statement on Friday night when fewer people read the news on weekends. It’s not clear yet whether the data were encrypted and if not, why a hospital associate had unencrypted patient information on a laptop in his home.
St. Vincent had a previous breach in 2007 when its subcontractor Verus did not reinstall a firewall after an update to its online payment system and 51,000 patients were notified of the possible exposure of their information.
Cross-posted from PHIprivacy.net