While cyber attacks, mounted remotely over the Internet, continue to be a core focus for healthcare information security, a newly disclosed breach shows that a simple theft of an unencrypted laptop can still cause big problems.

Premier Healthcare, a multi-specialty group practice in Bloomington, Ind., on January 4 discovered that a laptop holding protected health information on nearly 206,000 individuals had been stolen. The laptop was taken from an administrative office that was protected by an alarm; while it was protected by a password, its information was not encrypted.

Benjamin Howell

Compromised data included names, addresses, dates of birth, medical record numbers, insurance information and some clinical information across screenshots, spreadsheets and PDF documents within the laptop, which was used to support billing functions. Social Security numbers or financial information for 1,769 individuals also were on the laptop.

Also See: The need for a culture of security compliance

In its announcement, Premier Healthcare did not indicate whether protective services are being offered to patients; the organization did not respond to queries from <I>Health Data Management</I> on protection services, the degree to which any computers were encrypted, and other aspects of the breach.

Now, Premier Healthcare is encrypting all computers and reviewing processes and protocols to better prevent theft in the future, a news release said.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access