Some of the higher-profile healthcare information breach cases are:
Aurora St. Luke's Medical Center: The weekend of Oct. 9-11, the office of hospitalists employed by Cogent Healthcare was burglarized in a building adjacent to Aurora St. Luke's in Milwaukee, according to hospital spokesman Adam Beeson. Taken was a laptop computer with billing information on 6,400 people, mostly Aurora hospital inpatients, that included in almost all cases, names and diagnoses, and in some cases addresses, medical record numbers and Social Security numbers, Beeson said. Records for about 20 doctors were also on the computer, he said. Cogent spokeswoman Anne Hancock had embarked on a program to encrypt data on laptop computers used by its physicians, but the data on the laptop stolen in Milwaukee was not encrypted. Hancock said by Dec. 4, all laptops used by Cogent personnel will have encryption capabilities.
Blue Cross and Blue Shield of Tennessee: In its Chattanooga office, 57 hard drives were stolen early in October from servers being used for training, according to a plan spokeswoman. The drives held copies of 300,000 computer “screens” pulled up during customer service interactions along with recordings of 50,000 hours of telephone conversations about patient care and medical bills, according to the health plan. The data included names, addresses, dates of birth and, in some cases, diagnoses. The breach was discovered Oct. 6. Four hundred contract employees from the Kroll security firm augmented more than 400 Blue Cross employees assigned to deal with the breach, according to spokeswoman Mary Thompson.
Children's Hospital of Philadelphia: On Oct. 20, an employee had a laptop computer stolen from a car parked at home; the computer contained the Social Security numbers and other personal information of 943 people, hospital spokeswoman Juliann Walsh confirmed last week. Walsh said the hospital is providing the affected parties with identity theft monitoring, consultation and restoration services.
Harris County Hospital District: Sixteen employees were fired for alleged violations of patient privacy laws involving the records of a first-year resident, according to a district official. The Houston Chronicle reported that the workers were fired Nov. 20 for looking at the medical records of a first-year Baylor College resident assigned to Ben Taub General Hospital, Houston, according to the Associated Press.
Health Net: Sometime in May, a hard drive disappeared from the Shelton, Conn., office of Health Net, an insurer based in Woodland Hills, Calif. According to Connecticut Attorney General Richard Blumenthal, the drive contained health information, and financial and personal data, such as Social Security numbers, on 446,000 Connecticut patients. The data were compressed but not encrypted. According to Blumenthal, his office was not notified of the breach until Nov. 18—about the same time as plan members. Blumenthal said his office is investigating, and he recently announced that the hard drive was stolen, although Health Net has not confirmed if the information was stolen or misplaced.
What do you think? Write us with your comments at [email protected]. Please include your name, title and hometown.