Yanez Dental Corporation in California recently reported a data breach to HHS.
In a notice on their web site dated June 15, they write, in part:
Our dental office was burglarized (5/22/2011). We have reported this incident to the police for investigation. The vandals stole three of our computers among other things. Personal information stored in these computers included names, birthdate, address, Social Security Number, telephone number, etc. It is important to mention that we are not aware that any personal information has been accessed or used inappropriately. For the purpose of security, each of the three computers has four level of passwords protection. However, we feel it is important for us to inform you of any potential situation, and explain steps you can to prevent or reduce any potential risk of identity theft or fraud loss.
[…]
According to HHS’s breach tool, 10,190 patients had information on the stolen computers.
I’m not quite sure I understand what the practice means by the “etc.” in types of information. Does “etc” include insurance account numbers, any financial information, etc.? It would have been helpful for them to be more inclusive in their description.