Officials at the University of Mississippi Medical Center in Jackson and the Mississippi Department of Health are notifying nearly 1,500 patients of a data breach.

The patients have participated in research studies and their information was in two password-protected databases on an unencrypted laptop, which was briefly left unsecured at a clinic. The first database contained medical record numbers, age, sex, race, zip code and blinded test results on about 1,400 patients who are being notified by mail. Because names, Social Security numbers and financial information were not in the database, the medical center and health department are not offering paid credit or identity protection services.

The second database held protected health information, which the organizations are not publicly disclosing, but did not hold Social Security numbers or financial information. These patients are being notified by telephone but are not being offered paid protection services.

The university has taken disciplinary actions against employees who failed to follow security guidelines but declined to specific the number of employees and types of actions.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access