Data breach at Philadelphia hospital impacts thousands

Names, birth dates, social security numbers, insurance information and other data for 21,000 patients was exposed after a laptop was stolen from an office at Thomas Jefferson University Hospital.

PHILADELPHIA (eSecurity Planet) August 6, 2010 -- Thomas Jefferson University Hospital in Philadelphia this week became the latest hospital forced to notify thousands of patients that some of their most sensitive financial and medical information was compromised following a laptop theft.

Hospital officials said the names, birth dates, social security numbers, insurance information and other internal and administrative coding data, for approximately 21,000 patients was exposed after a laptop was stolen from an office in the hospital.

The theft covers those who received inpatient care at the hospital between March and November of 2008.

On June 14, an employee reported a personal laptop he was using to store the data was stolen. While the laptop was password protected, the data itself was not encrypted.

The hospital then hired Kroll, a risk consulting company, to conduct an internal investigation as it began the process of notifying those patients potentially affected by the breach.

This incident is just the latest in a string of data breaches and device thefts that have plagued hospitals and health-care providers this year.

Link: http://www.esecurityplanet.com/news/article.php/3897071/Data-Breach-at-Philly-Hospital-Impacts-Thousands.htm

Source: DHS Daily Open Source Infrastructure Report