American Family Care, which operates 55 clinics in Alabama, Florida, Georgia and Tennessee, is offering one year of identity protection services to nearly 2,500 patients after two laptops were stolen from an employee’s car in July.

AllClear ID is the company contracted to provide the protection. The breach affects a subset of patients in the Birmingham, Ala., region, which includes 16 clinics. The laptops, stolen in Marietta, Ga., and which the organization says “were strongly password protected,” contained only information on Birmingham area patients being treated for work-related injuries or illnesses.  Data did not pertain to primary or urgent care visits.

(See also: Top Healthcare Data Breaches Caused by Hackers)

Data on the laptops include Social Security numbers, names, birth dates, addresses, phone numbers, medical record numbers, medical and insurance information, driver’s license numbers and dates of service. Patient notifications started on Sept. 26.

American Family Care does not have notices of the breach posted on its Birmingham or corporate Web sites. Lauren Simmons, corporate counsel, told Health Data Management that the organization is complying with federal breach notification requirements “and evaluating how best to notify our patients of the theft. If a notice becomes required to be posted on our Web site, we will post it at that time.”

The organization now is adopting encryption technology.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access