The data breach, affecting everyone treated in the Salt Lake City-based delivery system during the past 16 years, occurred on June 2, and the university disclosed it on June 10. That is considerably faster disclosure than for many other health care data breaches announced in recent months. Data on the tapes included names and related demographic information, diagnostic codes and Social Security numbers for 1.3 million individuals.
The university is sending a letter of notification to all affected individuals. It hosted a news conference on June 10, set up a Web site and established a toll-free telephone hotline staffed 24 hours a day. It also is offering one year of free credit monitoring services and identity theft insurance for the 1.3 million individuals whose Social Security number was on the tapes. There is no indication the data was compromised.
The billing tapes were stolen from the personal car of a driver at Perpetual Storage, a local company that for 16 years has stored the university’s tapes in an off-site vault. The driver violated company protocols by not using a secure company van and leaving the tapes in his car overnight instead of delivering them to the vault. Local police believe the theft was a random car burglary, according to the university, which has suspended deliveries to Perpetual Storage pending completion of an investigation.
More information is available at http://healthcare.utah.edu/billingrecordstheft.
Be the first to comment on this post using the section below.