Cedars-Sinai Health System in Los Angeles is notifying more than 500 patients that protected health information was on a laptop stolen from an employee’s home during a burglary on June 23. The investigation continues and the full extent of the breach is not yet known.

The laptop was password-protected although its encryption functionality was not operational because it was not reinstalled following changes to the operating system, which violated company security policies, a spokesperson tells Health Data Management.

The employee used the laptop for troubleshooting software used for clinical laboratory reporting, so the laptop was at home to investigate problems occurring during off-hours. Protected information on the laptop included medical record numbers, patient identification numbers, lab testing information, treatment and diagnosis information, and a “small percentage” of Social Security numbers, according to a statement.

See also: Top Health Data Breaches Caused by Hackers

Cedars-Sinai will notify additional affected patients as they are identified and will offer credit monitoring services to those with compromised SSNs. The breach is the first major one for the organization under the breach notification law and the HHS Office for Civil Rights has been notified.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access