Medical Records of 2,000 Patients Breached after Theft of Laptop

As ever more important and sensitive data is being stored on laptops, the risk of data breaches continues to rise. Reports of another significant data breach resulting from the theft of a laptop serve as a reminder of how vulnerable sensitive data is to theft and how it's critical that employees take care to protect the data in their possession.

Children’s Hospital Boston has had to inform 2,000 patients or their parents that their medical information was breached. The breached information was on an employee's laptop, which was stolen while the employee was at a conference.

The laptop was password-protected but unencrypted. The patient records had been sent in a file as an e-mail attachment. The attachment had not been saved to the laptop’s hard drive. While the hospital was unsure whether the file was accessible on the laptop, the hospital informed all the involved patients of the potential breach.

In this case, the patients were relatively lucky, because the file did not include Social Security numbers or financial information.The file did, however, include such sensitive information as the patients' names, dates of birth, diagnoses, procedures, dates of surgery and medical record numbers.

WeComply’s information security training course uses interactive features, including quizzes and news clippings, to train employees on the data-security issues that they should be aware of to help their organizations avoid costly data breaches. WeComply also offers a data security refresher course, an engaging, user-friendly video that reinforces key concepts and reminds employees of the importance of being careful with their company’s important data. 

Categories: Data Privacy & Security
Tags: HIPAA, Information Security