A stolen, unencrypted laptop computer has caused 25-bed Gibson General Hospital in Princeton, Ind., to notify all 29,000 patients treated during the past six years of a breach of their protected health information.

The password-protected laptop was among the items stolen during a burglary of an employee’s home on Nov. 27, 2012, according to the hospital. Some employees are permitted to bring home laptops; the employee required 24-hour access to the electronic health records system, according to the hospital.

The laptop has not been found and the hospital cannot determine which patients had information on it, so it is notifying all patients since January 2007 when the EHR was implemented. But the clinical records contain names, addresses, Social Security numbers and treatment details, among other information. There is no indication the data has been accessed, according to a notice to patients.

Gibson General Hospital is offering affected patients one year of free credit monitoring and identity theft protection services. Gibson General is the only hospital in Gibson County with a population of about 33,500.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access