The University of Rochester Medical Center in recent days has notified 537 former patients of a breach of their protected health information after a physician’s flash drive went missing.

The drive had information on former orthopaedic patients for a study on improving surgical results. Data on the drive included patient name, gender, birth date, weight, telephone number, medical record number, physician name, service date, diagnosis, procedure and any complications. No Social Security or insurance numbers or addresses were on the device.

The medical center concluded the flash drive likely was lost in an outpatient orthopaedic facility and destroyed in the laundry, but it could not be found. The medical center is reeducating staff and faculty about using encrypted flash drives.

Notification letters are directing patients to free credit monitoring services, according to a hospital spokesperson. The medical center is not offering paid professional services, believing the potential for abuse is low because of likelihood that the drive was destroyed and the lack of addresses and Social Security and insurance numbers.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access