One of the recent breaches added to HHS’s public breach tool involved a case where a laptop connected to equipment was stolen from the covered entity’s premises.
Midwest Urological Group in Peoria, Illinois reported that 982 patients had information on a laptop that was stolen on or about May 30th.
There does not appear to be any notice on their web site as of today’s date, but I was able to track down some coverage of the incident.
On June 4, the Journal Star reported:
A laptop valued at $4,000 was reported stolen from the Midwest Urological Group on Tuesday. According to a police report, the laptop contained patient information on its hard drive.
An employee of the group contacted police Tuesday after noticing a laptop used by employees had been missing for a day. The laptop was connected to a larger piece of equipment, but only the laptop was stolen, according to the report. The laptop was reported to contain information on patients treated at the facility and expensive medical software.
The last employee to have used the laptop told police he may have inadvertently left the storage closet that houses the equipment and laptop unlocked. Employees told police the laptop was stolen between noon Saturday and 4:30 p.m. Tuesday.
A subsequent notice (now only available in cache) in the Journal Star appeared on August 1:
Midwest Urological Group, 7309 N. Knoxville Ave., is notifying almost 1,000 current and former patients of a potential data breach because of a stolen laptop computer. There’s been no indication that any information has been misused.
The laptop did not contain patient health information beyond the testing data, and it did not contain information that could lead to identity theft, such as social security numbers or credit card numbers. For more information, call Brenda at (800) 692-9898.