“On June 26, 2012, the leadership teams of Hartford Hospital and VNA HealthCare learned that an unencrypted laptop computer containing personal information of some of their patients was stolen from the home of an employee of a firm called Greenplum, which is a subsidiary of one of our vendors, EMC Corp. Greenplum was performing data analysis for EMC on our behalf as part of a quality improvement project related to hospital readmissions.
“The Greenplum employee whose company laptop was stolen immediately reported the theft to the local police department, which filed a report and investigated the crime. EMC promptly began an investigation and informed us of the theft. We have no evidence to suggest that any personal information has been misused as a result of this incident.
“The data on the Greenplum employee’s laptop contained information on 7,461 VNA HealthCare patients and 2,097 Hartford Hospital patients. The data include: names, addresses, dates of birth, marital status, Social Security numbers, Medicaid and Medicare numbers, medical record numbers and certain diagnosis and treatment information. The information on the employee’s laptop was not encrypted. This was a violation of EMC company policy.
“In response to this incident, Hartford Hospital and VNA HealthCare are taking the following steps:
* We are notifying all affected patients and offering two years of free credit monitoring through AllClear ID, a leader in identity-theft protection. This includes credit alerts, fraud investigations and comprehensive identity theft insurance.
* We are establishing a call center to respond to questions from our patients.
* We are providing information on ordering, understanding and optimizing free credit reports, which may reveal evidence of fraud.
* We are doing everything in our power to ensure that all protected health information in use by contractors is encrypted in order to prevent any misuse of data.
* EMC, at our direction, has securely destroyed all Hartford Hospital and VNA HealthCare data currently in its possession.
“Hartford Hospital and VNA HealthCare recommend that affected patients regularly review their credit reports and medical benefits statements for anything they do not recognize. For more information on steps affected patients can take to protect themselves, call toll-free at 1-877-615-3785, [9 a.m. to 9 p.m. (Eastern Time), Monday through Saturday.
“We profoundly regret this incident happened. Integrity and safety are two core values of both Hartford Hospital and VNA HealthCare, which go to great lengths to ensure that data transmitted or transported by their employees are fully encrypted to prevent unintended disclosure. We take very seriously our stewardship of this information, which is central to our roles as healers and caregivers.”
