The theft of two desktop computers and an external hard drive at Olson & White Orthodontics in Florissant, Mo., has resulted in notification to 10,000 patients and their parents.

The burglary occurred on July 22. Compromised data on the machines included patient names, addresses, medical images and diagnoses, as well as parents’ names, Social Security numbers, email addresses and credit scores, according to the St. Louis Post Dispatch.

Responding to an inquiry on security technologies that were employed on the computers, Daniel Nelson, an attorney with Armstrong Teasdale LLP and representing Olson & White, responded, “I can tell you that Olson & White utilized industry standard medical office products for processing and transmission of sensitive data. These products generally included encryption. In our post break-in investigation, however, we discovered potential vulnerabilities which led us to conclude that certain sequences of events could result in the storage of data in an unencrypted form. We are working with Olson & White’s I.T. consultant, software vendors and staff to address those findings. As I’m sure you are aware, security is an ongoing process of threat/vulnerability identification and formulation of appropriate responses.”

A Frequently Asked Questions posting to patients and parents gave detailed information on how they could monitor credit activity to prevent identity theft, but did not include an offer of paid protection services. Nelson did not respond to a question on whether the clinic would be offering such services.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access