Houston Methodist Hospital learned on Dec. 5 that an encrypted laptop and some paper files were stolen, and began notifying patients, local media and federal officials on Dec. 6.

Although most of the compromised information was on the encrypted device and not subject to reporting under the breach notification rule, the hospital is offering a year of paid identity theft protection services to all 1,300 transplant patients affected by the breach.

“It’s the right thing to do,” a hospital spokesperson tells Health Data Management. “We take any breach of patient privacy very seriously. We want to assure our patients that their personal information will be protected.”

Protected health information on the laptop and in the paper files included names, dates of birth, Social Security numbers and some medical information. “At Methodist, we take a patient’s right to privacy very seriously--we diligently handle and protect thousands of patient records every day and we have a variety of safeguards to protect patient information,” according to a hospital statement. “We deeply regret this incident occurred and are taking additional measures to protect and assist our patients.”

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access