More Details on the Stanford Data Breach

Stanford Hospitals & Clinics has released more information on a data breach affecting 2,500 patients after a physician’s computer was stolen from a locked office.

Compromised information included names, location of service and medical records, some treatment histories, dates of birth or ages, and a handful of Social Security numbers.

Stanford believes Social Security numbers for only six patients were on the computer, but it is offering one year of identity protection services for all affected patients, a spokesperson tells Health Data Management in an e-mail reply to questions. “Security has been tightened in the building and office area where the computer was stolen, but for security reasons I cannot provide further detail.”

Stanford hospitals mandate encryption, but the stolen computer belonged to a faculty physician researcher “and the matter of its encryption is under investigation,” the spokesperson says. No complete patient records were on the computer, which stored “incidental” information about participation in certain treatments and research.