Employee’s loss of thumb drive imperils data at Renown Health

Renown Health is mailing breach notification letters to some patients after an employee in late June lost a thumb drive holding protected health information.

The Reno, Nev.-based organization is not commenting on how many patients were affected, but that information eventually will be transmitted to the HHS Office for Civil Rights and made public, along with other documentation of the incident.

The data contained on the thumb drive is only from patients who received inpatient services at Renown South Meadows Medical Center from Jan. 1, 2012, to June 14, 2019.

Renown South Meadows Medical Center-CROP.jpg

An investigation, an interview of the employee and a thorough search failed to find the thumb drive. Data at risk includes patient names, medical record numbers, diagnoses, clinical information, dates of admission and physician’s names.

Patients were told that there is no indication at this time that protected information was misused.

Social Security numbers and financial information were not on the thumb drive. Consequently, the patient notification letter does not include an offer of protective services such as credit monitoring and identify theft protection, but the letter does provide general information to patients on how to protect their electronic information.

“We recommend that patients review the statements they receive from their healthcare provider,” the letter advised. “If you see services you did not receive, please contact the provider immediately.”

“We deeply regret any concern or inconvenience this incident may cause our patients,” Renown Health’s letter concluded. “To help prevent something like this from happening in the future, we are reviewing our policy on portable devices, such as thumb drives, and providing additional employee education on safeguarding patient information.”

For reprint and licensing requests for this article, click here.